Solved

pix506e

Posted on 2003-10-29
3
247 Views
Last Modified: 2013-11-16
how to open ports in cisco pix 506e
0
Comment
Question by:nakka_sudhir
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 2

Accepted Solution

by:
Russky earned 50 total points
ID: 9641511
Hi Nakka,

Can only give you basic info given the amount I have to go on!

Pix 506, you will need 2 Access Lists - One for the External interface and one for the Internal Interface.

Unless you are running a webserver or other kind of service, the external access list should deny everything
The internal access list should only allow through the traffic you need, i.e. port 80 for Web Browsing, 442 for SSL Etc..

So, firstly you need to create your access lists:
***
access-list acl_out deny ip any any
access-list acl_int permit tcp host any any eq www
access-list acl_int permit udp host any any eq domain
***

Then you bind them to the required interface:
***
access-group acl_out in interface outside
access-group acl_int in interface inside
***

acl_out is bound to the outside interface and denys all incoming traffic
acl_int is bound to the inside interface and only allows traffic out on ports 80 and 53 - the basics needed for web browsing.

Provided the rest of the pix is set up correctly you will now be able to look at web pages.

Hope this helps,

Russky




0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question