Cisco PIX Firewall Version 6.3
I recently enabled PPPoE and now my ACLs no longer permit incoming traffic to my public hosts (outgoing traffic is fine).
I tried disabling 'ip audit' and changing my static statements from 'interface' to the IP address. I even tried 'permit ip any any', and traffic still can't get through. The ACLs still show 'hitcnt=0' even though I'm hammering it from proxify.com and ShieldsUp.
I get nothing from 'debug packet outside', but when I run a capture it shows a lot of incoming requests in hex. When I import it into Ethereal, it shows a whole lot of incoming traffic, so it doesn't appear to be filtered by my ISP or my CPE.
My PPPoE config:
ip address outside pppoe setroute
vpdn group pppoex request dialout pppoe
vpdn group pppoex localname [MYPPPOEUSERNAME]
vpdn group pppoex ppp authentication pap
vpdn username [MYPPPOEUSERNAME] password *********
sh_run_080224.txt sanitized config
cap1.txt incoming hex dump
The access lists are not bound to the outside interface.
Hence you need to add:
access-list PUBLICHOSTS permit tcp any interface outside eq www
access-group PUBLICHOSTS in interface outside
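
The check described in the answer, as an added example that is not part of the original thread or any Cisco tooling: a Python audit that flags ACLs defined but never applied with access-group, and interfaces that receive static translations without an inbound ACL. The sample config and the names audit_acl_bindings, SAMPLE_CONFIG and FIX are constructed for illustration; only access-group, "nat 0 access-list" and "crypto map match address" references are recognized.

```python
import re

# Constructed sample in PIX 6.3 syntax; not the poster's attached config.
SAMPLE_CONFIG = """\
ip address outside pppoe setroute
access-list PUBLICHOSTS permit tcp any interface outside eq www
access-list NONAT permit ip 192.168.1.0 255.255.255.0 10.0.0.0 255.255.255.0
access-list OUTBOUND permit ip any any
nat (inside) 0 access-list NONAT
static (inside,outside) tcp interface www 192.168.1.10 www netmask 255.255.255.255 0 0
access-group OUTBOUND in interface inside
"""
FIX = "access-group PUBLICHOSTS in interface outside\n"  # the line from the answer

ACL_DEF = re.compile(r"^access-list\s+(\S+)\s+(?:permit|deny|remark)\b")
ACL_BIND = re.compile(r"^access-group\s+(\S+)\s+in\s+interface\s+(\S+)")
# Other places an ACL name is consumed without filtering interface traffic.
ACL_OTHER = re.compile(r"^(?:nat\s+\(\S+\)\s+0\s+access-list|"
                       r"crypto\s+map\s+\S+\s+\d+\s+match\s+address)\s+(\S+)")
# Captures the mapped (second) interface of a static translation.
STATIC = re.compile(r"^static\s+\([^,\s]+,([^)\s]+)\)")


def audit_acl_bindings(config_text):
    """Report ACLs never applied to an interface and static-facing interfaces with no ACL."""
    defined, static_ifaces = [], []
    bound_acls, bound_ifaces, other = set(), set(), set()
    for raw in config_text.splitlines():
        line = raw.strip()
        if m := ACL_DEF.match(line):
            if m.group(1) not in defined:
                defined.append(m.group(1))
        elif m := ACL_BIND.match(line):
            bound_acls.add(m.group(1))
            bound_ifaces.add(m.group(2))
        elif m := ACL_OTHER.match(line):
            other.add(m.group(1))
        elif m := STATIC.match(line):
            if m.group(1) not in static_ifaces:
                static_ifaces.append(m.group(1))
    return {
        "unbound": [a for a in defined if a not in bound_acls and a not in other],
        "used_elsewhere": [a for a in defined if a in other and a not in bound_acls],
        "static_ifaces_without_acl": [i for i in static_ifaces if i not in bound_ifaces],
    }


if __name__ == "__main__":
    print("before:", audit_acl_bindings(SAMPLE_CONFIG))
    print("after: ", audit_acl_bindings(SAMPLE_CONFIG + FIX))
```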