pix pat help needed

Guest
Archived from groups: comp.security.firewalls

Hi, I'm new to PIX and got a problem.

I want to make my web server public to the internet.
I think I know how to set the access rule, but don't know how to
configure PAT.
Please send a PDM screenprint from a working config.

TIA
 
Guest

In article <1127934541.351961.296710@f14g2000cwb.googlegroups.com>,
pvm <pvm@sog.ath.cx> wrote:
:Hi, I'm new to PIX and got a problem.

Most Cisco PIX discussion happens in comp.dcom.sys.cisco .

:I want to make my web server public to the internet.
:I think I know how to set the access rule, but don't know how to
:configure PAT.
:Please send a PDM screenprint from a working config.

Sorry, it takes too long to fire up PDM, navigate through the correct
menus, remove the extraneous information from our local configuration
that would just confuse you, modify the configuration to obscure our
local IP addresses, take a screenshot (or, more likely, series of
screenshots so you can see which buttons to click on), post the
screen shots, and then deal with the waves of hate-mail saying that
this newsgroup is not an appropriate place to post images.

So... in general you will find that if you have a question about
configuring a PIX rather than a question about something unique to
the PDM GUI, that people will give you answers in terms of the
command lines you would have to enter. I suggest you either learn to telnet
or ssh in to your PIX, or that you find your way to the PDM menu
that allows you to view the existing configuration and to
enter command lines.


Chances are that you have already configured PAT. That's the
pair of lines in your configuration that look like,

nat (inside) 1 0.0.0.0 0.0.0.0 0 0
global (outside) 1 interface


What you need to do to allow outside access to one of your hosts
is to configure port forwarding:

static (inside,outside) tcp interface www INSIDEIP www netmask 255.255.255.255

You will also need an access-list for your outside interface, and you will
need to activate the ACL on the outside interface:

access-list SOMEACLNAME permit tcp any interface outside eq www
access-group SOMEACLNAME in interface outside
--
Goedel's Mail Filter Incompleteness Theorem:
In any sufficiently expressive language, with any fixed set of
email filtering algorithms, there exists at least one spam message
which the algorithms are unable to filter out.
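
A way to check a saved PIX configuration for the pairing the reply above describes, where each `static` port forward needs a matching permit in the ACL bound inbound to the outside interface. This is an added example, not part of the original post. It assumes PIX 6.x syntax with the interface named in the ACL entry, and the config text, the address 192.168.1.10 and the ACL name OUTSIDE_IN are constructed placeholders.

```python
import re

# Constructed sample config (PIX 6.x syntax); 192.168.1.10 and the ACL name
# OUTSIDE_IN are placeholders for INSIDEIP and SOMEACLNAME in the post.
SAMPLE_CONFIG = """\
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
global (outside) 1 interface
static (inside,outside) tcp interface www 192.168.1.10 www netmask 255.255.255.255
static (inside,outside) tcp interface 8080 192.168.1.11 8080 netmask 255.255.255.255
access-list OUTSIDE_IN permit tcp any interface outside eq www
access-list OUTSIDE_IN permit tcp any interface outside eq smtp
access-group OUTSIDE_IN in interface outside
"""

STATIC_RE = re.compile(
    r"^static \((\w+),(\w+)\) (tcp|udp) interface (\S+) (\S+) (\S+)")
ACL_RE = re.compile(
    r"^access-list (\S+) permit (tcp|udp) any interface (\w+) eq (\S+)")
GROUP_RE = re.compile(r"^access-group (\S+) in interface (\w+)")


def audit(config, outside="outside"):
    """Return (unreachable, unused) for port forwards on `outside`.

    unreachable: forwarded (proto, port) pairs with no permit in the ACL bound
                 inbound to the interface, so the server stays closed.
    unused:      permitted (proto, port) pairs with no matching static, i.e.
                 rules that forward nothing and are candidates for cleanup.
    """
    forwards, permits, bound = set(), {}, None
    for line in config.splitlines():
        line = line.strip()
        if m := STATIC_RE.match(line):
            if m.group(2) == outside:
                forwards.add((m.group(3), m.group(4)))
        elif m := ACL_RE.match(line):
            if m.group(3) == outside:
                permits.setdefault(m.group(1), set()).add((m.group(2), m.group(4)))
        elif m := GROUP_RE.match(line):
            if m.group(2) == outside:
                bound = m.group(1)
    allowed = permits.get(bound, set())  # only the bound ACL takes effect
    return sorted(forwards - allowed), sorted(allowed - forwards)


if __name__ == "__main__":
    unreachable, unused = audit(SAMPLE_CONFIG)
    print("forwarded but not permitted:", unreachable)
    print("permitted but not forwarded:", unused)
```

Ports are compared as written, so a config that mixes a port name with its number (www and 80) will be reported as a mismatch.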