• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 212
  • Last Modified:

Cisco PIX 515e

Our site uses a PIX 515e. We have a customers "US GOV" that have in the past hit a secure URL for a web site we have. Recently they configured their site to send and receive traffic on different interfaces. If I get an incoming request form xxx.xxx.xxx.88 how do I respond to a different route.
0
dnovus
Asked:
dnovus
1 Solution
 
batry_boyCommented:
>>If I get an incoming request form xxx.xxx.xxx.88 how do I respond to a different route.

Are you wanting to know how to let traffic in from the new IP address to hit the web server at your site?  If this is not the case, please clarify.

If so, then you should have some statements in your PIX that read something like this:

access-list outside_access_in permit tcp host x.x.x.x host x.x.x.x eq https
access-group outside_access_in in interface outside

You will need to put in a statement in whatever ACL you have applied to the outside interface that allows the new IP address to pass HTTPS traffic to your web server.  So, for example, if the new customer IP is 1.1.1.1 and your web server's external IP is 2.2.2.2, then the line that you need to add would read:

access-list outside_access_in permit tcp host 1.1.1.1 host 2.2.2.2 eq https

It would probably be useful for you to post the "access-list" commands (sanitized) from your PIX and we can give you exact commands to type in to allow this traffic.
0
 
dnovusAuthor Commented:
Thank you.
0

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now