Announcement

Collapse
No announcement yet.

PIX 501 Query

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • PIX 501 Query

    Hi all,

    I am a newbie with Cisco PIX, and have recently bought a PIX 501 for home but am struggling to configure it for external access to my internal web server.

    Here is the scenario:
    • Have a DSL connection from my ISP
    • Able to access the Internet from the web server
    • But can`t access the internal web server from the Internet

    I have tried configuring a rule to allow access [source: any - outside http] to [destination: web server - inside http], but this does not work.

    I am sure it is something easy.

    Can anyone help or does any one have any ideas?

    Thanks in advance.

    Mak

  • #2
    Re: PIX 501 Query

    you should configure something like this:

    Access-list 110 (source) any (destination) <ipwebserver> eq (protocol) http or 80
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: PIX 501 Query

      Hi makavelli,

      Good question. Thanks for the post!

      Marcel is right, you need an ACL & don't forget to apply it.

      I will also add to that that you probably also need a static NAT, like this:
      static (dmz,outside) 1.1.1.22 10.3.3.22 netmask 255.255.255.255 0 0

      Here is a couple of URLs:
      http://www.netcraftsmen.net/welcher/papers/pix01.html

      http://www.cisco.com/en/US/products/...0800b6e1a.shtm

      If you want to post your config, you are welcome to do so.

      Let us know how it goes!!
      David Davis - Petri Forums Moderator & Video Training Author
      Train Signal - The Global Leader in IT Video Training
      TrainSignalTraining.com - Free IT Training Products
      Personal Websites: HappyRouter.com & VMwareVideos.com

      Comment


      • #4
        Re: PIX 501 Query

        Marcel,

        Thanks for the information, I am really grateful.


        Also, Daviddavis, thanks for your info and links.

        I will try to add the ACL in the next few days and will let you know how I get on.

        Thanks again.

        Mak.

        Comment

        Working...
        X