I have PIX 525 and want to divide inside interface into 3 sabinterfaces (VLANs)... Is it possable to filter internet traffic (sach as: http, xxx, traffic shapping, TCP connections, FTP and etc ....) through the PIX >>> and if it possable how do it ? My frined told me that, config WIN-PORXY or something like that and filter traffic through it ? Just do 3 subinterfaces in PIX, and open TCP, IP, UDP ports... (I think it looks pritty bed...) Need your advice what is the most way to resolve my problem ?
Yes you can creae 3 subinterfaces and do VLAN taggigng. But PIX is not a filter device, it is a firewall. For filtering purposes, you need something that works on application layer, Websense software for example. PIX can integrate with Websense. AFAIK, PIX does not do filtering. All you can do is blocking outbound ports.
I'm downloading WEBSENS now... there was written that i can filter HTTP, FTP, or HTTPS ... ??? Is it true ??? Do you recommend me to use Proxy server and not using WEBSENSE SERVER ??? What do you do recommend me to do in this case ? Do you know recommended configuration for PIX ... ? pleas be kind and give me the link of course if you have ! :) tnx, IN ADVANE
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...