BEING ATTACKED -- HELP!!!
I presently have a 506e pix that has port 1433 open (SQL) and is being hit from an outside source. I want to close it off, but use it internally between another 506e pix. Can you please let me know what entries on my pix I need to use to keep open the port 1433 between the two pixes, but block everyone else. Here's my info from the pix:
(PIX A)
ip address outside 66.243.86.213 255.255.255.240
ip address inside 10.0.0.1 255.0.0.0
access-group 101 in interface outside
route outside 0.0.0.0 0.0.0.0 66.243.86.209 1
(PIX B)
access-list 101 permit tcp any host 66.243.84.172 eq smtp
access-list 101 permit tcp any host 66.243.84.173 eq 1433
static (inside,outside) 66.243.84.165 SQL2 netmask 255.255.255.255 0 0
access-group 101 in interface outside
access-group acl_inside in interface inside
route outside 0.0.0.0 0.0.0.0 66.243.84.163 1
THANKS!
I presently have a 506e pix that has port 1433 open (SQL) and is being hit from an outside source. I want to close it off, but use it internally between another 506e pix. Can you please let me know what entries on my pix I need to use to keep open the port 1433 between the two pixes, but block everyone else. Here's my info from the pix:
(PIX A)
ip address outside 66.243.86.213 255.255.255.240
ip address inside 10.0.0.1 255.0.0.0
access-group 101 in interface outside
route outside 0.0.0.0 0.0.0.0 66.243.86.209 1
(PIX B)
access-list 101 permit tcp any host 66.243.84.172 eq smtp
access-list 101 permit tcp any host 66.243.84.173 eq 1433
static (inside,outside) 66.243.84.165 SQL2 netmask 255.255.255.255 0 0
access-group 101 in interface outside
access-group acl_inside in interface inside
route outside 0.0.0.0 0.0.0.0 66.243.84.163 1
THANKS!