Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
354
Views
5
Helpful
3
Replies

Cisco PIX 501

rajendra-rait
Level 1
Level 1

‎07-30-2007 05:25 AM - edited ‎02-21-2020 01:37 AM

Hi All,

I am a newbie to Cisco PIX 501, i have recently joined this company where they have servers at Data center and they are behind this PIX501. All the configuration were done by the former sys admin.

Now i have installed Advenet Application Manager in one of the data center linux machine, this s/w is used to monitor our clients servers, now my development team has installed JBoss on the clients server and they want to monitor this server through the monitoring software.

The network admin at my clients place have allowed full access to my monitoring servers ip, and now its my trun to give full access to the the clients server's ip.

I googled and gave some try to the PIX, but in vain, it didn't work.

I had issued this command to allow full access to the clients IP.

access-list outside_access_in permit tcp any host 202.87.xx.xxx

202.87.xx.xxx this is the IP of my monitoring s/w.

Can some one please tell me what all others command are needed to allow full access to all ports to the clients server.

Thanks in Advance.

Raj.

0 Helpful
3 Replies 3

wong34539
Level 6
Level 6

‎08-03-2007 09:42 AM

When properly configured, the PIX Firewall can secure your network from outside threats. The PIX Firewall is not a turn-key system. You have to program it to identify which hosts can access your inside network and which cannot. It is your responsibility to protect your network. The PIX Firewall will not prevent all forms of security threats, but its features provide you with an arsenal of resources to repel network attacks. The PIX Firewall cannot protect your network from inside attackers. To properly protect against these threats, all persons with access to the inside network should be given only the least privilege and access they require to perform their jobs. This access should be reviewed periodically, and updated if necessary

JohnnyHeavens
Level 1
Level 1

‎08-29-2007 06:59 AM

Posting your config will help people see the rest of what you have going on. Just change/remove and real IPs, password strings first.

0 Helpful

acomiskey
Level 10
Level 10
In response to JohnnyHeavens

‎08-29-2007 11:57 AM

Allow access to everything by replacing "tcp" with "ip".

access-list outside_access_in permit ip any host 202.87.xx.xxx

Or for example if you just wanted to allow tcp port 80...

access-list outside_access_in permit tcp any host 202.87.xx.xxx eq 80

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card