I have set up a test PIX 515 to hopefully learn a little after work ...
The external connection is a DHCP-assigned IP address, and the PIX is a 515 running V7.2 with ASDM V524.
Question
Is this basic setup OK? It seemed strange setting the access-list to any any and having to set up individual statics.
I also had major problems getting external connections.
regards
PIX Version 7.2(4)
!
hostname pixfirewall
domain-name pixfirewall.com
enable password ********* encrypted
passwd *********** encrypted
names
name 10.0.0.0 Inside_Network description Inside_Network
!
interface Ethernet0
nameif outside
security-level 0
ip address dhcp setroute
!
interface Ethernet1
nameif inside
security-level 100
ip address 10.0.0.1 255.255.255.0
!
ftp mode passive
dns server-group DefaultDNS
domain-name pixfirewall.com
access-list inside_access_in extended permit ip Inside_Network 255.255.255.0 any
access-list outside_access_in extended permit tcp any any eq www
access-list outside_access_in extended permit tcp any any eq ftp
access-list outside_access_in extended permit tcp any any eq 3389
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image flash:/asdm-524.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 Inside_Network 255.255.255.0
static (inside,outside) tcp interface www 10.0.0.249 www netmask 255.255.255.255
static (inside,outside) tcp interface ftp 10.0.0.250 ftp netmask 255.255.255.255
static (inside,outside) tcp interface 3389 10.0.0.249 3389 netmask 255.255.255.255
access-group inside_access_in in interface inside
access-group outside_access_in in interface outside
timeout xlate 3:00:00
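
As an added example (not part of the original post), this Python script cross-checks the outside ACL against the static port redirects in the configuration above, listing which "permit tcp any any" entries actually reach an inside host and which entries have no counterpart. The CONFIG text is copied from the post; the function names and the port-name table are assumptions of this example.

```python
import re

# Constructed sample: the access-list and static lines copied from the post above.
CONFIG = """\
access-list outside_access_in extended permit tcp any any eq www
access-list outside_access_in extended permit tcp any any eq ftp
access-list outside_access_in extended permit tcp any any eq 3389
static (inside,outside) tcp interface www 10.0.0.249 www netmask 255.255.255.255
static (inside,outside) tcp interface ftp 10.0.0.250 ftp netmask 255.255.255.255
static (inside,outside) tcp interface 3389 10.0.0.249 3389 netmask 255.255.255.255
"""

# PIX prints well-known ports by name; only the names used in this config are mapped.
PORT_NAMES = {"www": 80, "ftp": 21}

ACE_RE = re.compile(r"^access-list (\S+) extended permit (tcp|udp) any any eq (\S+)$")
PAT_RE = re.compile(
    r"^static \((\w+),(\w+)\) (tcp|udp) interface (\S+) (\S+) (\S+) netmask \S+$")

def port(token):
    """Turn a port name or number from the config into an integer."""
    return PORT_NAMES[token] if token in PORT_NAMES else int(token)

def audit(config, acl="outside_access_in"):
    """Return (reachable, acl_only, static_only) for the outside interface."""
    permits, redirects = set(), {}
    for line in config.splitlines():
        line = line.strip()
        if (m := ACE_RE.match(line)) and m.group(1) == acl:
            permits.add((m.group(2), port(m.group(3))))
        elif (m := PAT_RE.match(line)) and m.group(2) == "outside":
            # (protocol, outside port) -> (inside host, inside port)
            redirects[(m.group(3), port(m.group(4)))] = (m.group(5), port(m.group(6)))
    mapped = set(redirects)
    reachable = {key: redirects[key] for key in permits & mapped}
    acl_only = permits - mapped      # permitted, but no static forwards it inside
    static_only = mapped - permits   # forwarded, but the ACL does not permit it
    return reachable, acl_only, static_only

if __name__ == "__main__":
    reachable, acl_only, static_only = audit(CONFIG)
    for (proto, p), (host, hp) in sorted(reachable.items()):
        print(f"{proto}/{p} on the outside interface -> {host}:{hp}")
    print("ACL permits with no static:", sorted(acl_only))
    print("Statics with no ACL permit:", sorted(static_only))
```
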