We have a CISCO PIX 560e in our office. Connected between the Wall and the router. I have no idea how to even use this thing or even how to check if its working properly. It was setup before i came here and i have never had a need to touch it. However now i do want to figure out what exactly its doing. So i need some directions or a link to a "How-To" manual for this firewall. A few of the questions i have are :
a) is there a web based interface for this or is it all command line?
b) does this appliance even have a IP Address on our network
c) is it REALLY doing anything to protect our network and how can i tell what its doing
as you can see i have really no clue about this thing but im pretty keen so im sure i can figure it out. Any advice would be appreciated.
a) Yes there is a web based interface. You can type 'show version' in the CLI to find if PDM (PIX Device Manager) is loaded or not. When you type the command and hit 'Enter', you should see something like :
pixfirewall# sh ver
Cisco PIX Firewall Version 6.3(5)
Cisco PIX Device Manager Version 3.0(4)
Compiled on Thu 04-Aug-05 21:40 by morlee
pixfirewall up 2 days 22 hours
The second line from the top is the most important that says "Cisco PIX Device Manager Version 3.0(4)". The version on your device might vary.
b) Yes. This appliance has 2 IP addresses. One public and one private in the same subnet as of your router. Most probably the default gateway of your router is the inside IP address of this device.
c) Yes it must be doing what it is configured to do. :-)
I'm attaching a document for you which might be helpful.
great thanks a lot for your help. Just to clarify. In order to connect to the pix via Web Browser interface i need to directly plug a computer into the PIX on the Ethernet 1 port correct? I cannot pass through a router for this? Just wondering because i have to then disconnect us from the pix (and therefore shut down Internet for the office) while im updating it. I attempted to access it just by plugging my computer into our router (which goes to the PIX) but i couldn't access it.
No, you need not be directly connected to the PIX to access via the web browser. You CAN connect through router. The only thing you need to make sure is that you have the following commands in the PIX :
http server enable
You should get these commands in the link I sent to you. Go through the command reference.
thanks for all your help. Slowly but surely im working on it. Still can't connect and i have two more small questions.
1) Can you access this via wireless or do i have to have a ethernet plug in my computer
2) Can the internal ip address of the PIX be changed. Our network is set up so everyone is on an internal network that looks like 192.168.8.xx (8.2 is our router) and 8.1 i can ping but i can't access for some reason.
So i was thinking maybe they changed the internal interface address of the PIX to 192.168.8.1. Is that possible?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...