[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Pix 501 Configuration

Posted on 2006-05-04
5
Medium Priority
?
262 Views
Last Modified: 2013-11-16
I have a Pix 501 Firewall (brand new). One Cat6 cable out of the Firewall to a Netgear Layer2 Gig Switch. Then six Cat6 cables in the switch also from the server. I need help configuring the firewall. I need to:

~Disable Internal DHCP
~Assign an External Static Ip of"0.0.0.0" with defalt gateway and subnet mask and dns
~Port Forward Port 3389 to "0.0.0.0"
~Port Forward Port 308 to "0.0.0.0"

What is the better way to do it? Through the Terminal, or Web? I have never done this before, but I hear if I post Pix questions here, they get answered! Thanks
0
Comment
Question by:LeviDaily
  • 2
  • 2
5 Comments
 
LVL 20

Accepted Solution

by:
calvinetter earned 2000 total points
ID: 16612123
>What is the better way to do it? Through the Terminal, or Web?
    Terminal is much faster, & virtually all the PIX regulars here at EE use the CLI instead of the GUI.  
However, you can send commands via the PDM web interface: Tools -> Command Line Interface... -> click on "Multiple Line Command" button, paste in several lines at a time, then click "Send" button.

>Disable Internal DHCP
clear dhcpd

>Assign an External Static Ip of"0.0.0.0" with defalt gateway and subnet mask...
  We'll assume outside IP is 1.1.1.2, & default gateway will be 1.1.1.1:
ip address outside 1.1.1.2 255.255.255.0
route outside 0 0 1.1.1.1

>...and subnet mask and dns
   DNS?  You can't/don't assign a DNS server for the PIX.

If your PIX isn't already configured for NAT with the lines below, you'll want to add them before proceeding:
  global (outside) 1 interface
  nat (inside) 1 0.0.0.0 0.0.0.0 0 0

>Port Forward Port 3389 to "0.0.0.0"
>Port Forward Port 308 to "0.0.0.0"
   We'll assume you're port forwarding to 10.4.3.2 for both ports above, & we'll assume the protocol is TCP since you didn't specify:

access-list inbound permit tcp any interface outside eq 308
access-list inbound permit tcp any interface outside eq 3389
access-list inbound permit icmp any any echo-reply    <- optional, allows outbound pings to work
access-group inbound in interface outside

static (inside,outside) tcp interface 308 10.4.3.2 308
static (inside,outside) tcp interface 3389 10.4.3.2 3389
clear xlate

cheers
0
 
LVL 2

Author Comment

by:LeviDaily
ID: 16615714
for ">Assign an External Static Ip of"0.0.0.0" with defalt gateway and subnet mask...
  We'll assume outside IP is 1.1.1.2, & default gateway will be 1.1.1.1:
ip address outside 1.1.1.2 255.255.255.0
route outside 0 0 1.1.1.1

What is route address? Sorry
0
 
LVL 2

Author Comment

by:LeviDaily
ID: 16615749
Was that the gateway?
0
 
LVL 20

Expert Comment

by:calvinetter
ID: 16619841
>route outside 0 0 1.1.1.1
  That sets the default gateway to 1.1.1.1.

cheers
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16620394
Nice Calvin
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses
Course of the Month18 days, 12 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question