PIX 506 - Allow Access by IP Address

I have a PIX 506 firewall in front of a web and database server.  I would like to permit access to the SQL port on all hosts on the inside for a single IP address and deny for all others.  How can I do this?
On the outside interface, create an access list that looks like this:

access-list outside_access_in extended permit tcp host <ip-address> any eq 1433
access-list outside_access_in extended deny tcp any any eq 1433

where <ip-address> = single IP address
Create an access rule to allow (SQL port) tcp xxx, or udp xxx coming from the network/ip address you want to allow.  It should look something like:
access-list outside_access_in permit tcp host xxx.xxx.xxx.xxx any eq ppp
where ppp is the SQL port number(s).
You also need to make sure you add the access list to the external interface.
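
Putting the two answers together, as an added example that is not part of the original posts: the permit and deny entries followed by the interface binding and a check. Assumptions: PIX 6.x syntax (no `extended` keyword), SQL Server on TCP 1433, 203.0.113.10 as a constructed documentation address standing in for the allowed host, and a web permit standing in for whatever rules the ACL already carries. Lines beginning with `!` are annotations, not commands.

```text
! Constructed example; 203.0.113.10 is a placeholder for the one allowed source.
! Entries are evaluated top-down and the first match wins, so the host permit
! must come before the deny.
access-list outside_access_in permit tcp host 203.0.113.10 any eq 1433
access-list outside_access_in deny tcp any any eq 1433

! Assumed existing rule: an ACL ends in an implicit deny, so anything the
! servers must still accept from outside (here, web traffic) needs its own
! permit entry in the same list.
access-list outside_access_in permit tcp any any eq www

! Bind the list to inbound traffic on the outside interface.
access-group outside_access_in in interface outside

! Verify: lists the entries in order with a hit counter per line. After a test
! connection from the allowed host and one from elsewhere, the permit and the
! deny counters should each have incremented.
show access-list outside_access_in
```

The explicit deny for 1433 is already covered by the implicit deny at the end of the list; keeping it gives a separate hit counter for blocked SQL attempts.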