
PIX 506 - Allow Access by IP Address

I have a PIX 506 firewall in front of a web and database server. I would like to permit access to the SQL port on all hosts on the inside for a single IP address and deny for all others. How can I do this?
1 Solution
Create an access rule to allow (SQL port) tcp xxx, or udp xxx coming from the network/ip address you want to allow.  It should look something like:
access-list outside_access_in permit tcp host xxx.xxx.xxx.xxx any eq ppp
where ppp is the SQL port number(s).
You also need to make sure you add the access list to the external interface.
On the outside interface create an access list that looks like this:

access-list outside_access_in extended permit tcp host any eq 1433
access-list outside_access_in extended deny tcp any any eq 1433

where = single IP address
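
An added example, not part of either answer above: a small Python check for the two conditions the answers describe, namely that the permit for the single host comes before any broader rule for the SQL port, and that the list is actually applied to the outside interface. The sample config, the address 192.0.2.10, the function names and the `access-group` binding line (that command is not shown on the page) are assumptions for illustration.

```python
# Constructed sample config. 192.0.2.10 is a documentation address standing in
# for the one permitted client; port 1433 is the one used in the second answer.
SAMPLE = """\
access-list outside_access_in permit tcp host 192.0.2.10 any eq 1433
access-list outside_access_in deny tcp any any eq 1433
access-group outside_access_in in interface outside
"""

def take_addr(tok):
    """Consume 'any', 'host <ip>' or '<net> <mask>' from the front of tok."""
    if tok[0] == "any":
        return "any", tok[1:]
    if tok[0] == "host":
        return tok[1], tok[2:]
    return f"{tok[0]} {tok[1]}", tok[2:]

def parse_ace(line):
    """Parse one entry (assumes only 'eq' port operators, none on the source)."""
    tok = [t for t in line.split() if t != "extended"]
    try:
        if tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
            return None
        src, rest = take_addr(tok[4:])
        dst, rest = take_addr(rest)
    except IndexError:
        return None
    port = rest[1] if rest[:1] == ["eq"] and len(rest) > 1 else None  # None = all ports
    return tok[1], tok[2], tok[3], src, dst, port

def audit(config, port, allowed_ip, iface="outside"):
    """List reasons the config fails 'only allowed_ip may reach tcp/port'."""
    lines = [l.strip() for l in config.splitlines()]
    bound = [l.split()[1] for l in lines
             if l.startswith("access-group") and l.split()[2:] == ["in", "interface", iface]]
    if not bound:
        return [f"no access-list is bound inbound to interface {iface}"]
    findings, host_ok = [], False
    for acl, action, proto, src, dst, p in filter(None, map(parse_ace, lines)):
        if acl != bound[0] or proto not in ("tcp", "ip") or p not in (None, port):
            continue
        if action == "deny" and src == dst == "any":
            break  # first match wins: later entries never see this port
        if action == "permit" and src == allowed_ip:
            host_ok = True
        elif action == "permit":
            findings.append(f"tcp/{port} is open to {src}")
    if not host_ok:
        findings.append(f"{allowed_ip} is not permitted to tcp/{port}")
    return findings
```

An empty list from `audit(SAMPLE, "1433", "192.0.2.10")` means the rules match the stated intent; named ports such as `www` are not resolved to numbers.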
