I presently have a 506e pix that has port 1433 open (SQL) and is being hit from an outside source. I want to close it off, but use it internally between another 506e pix from another location (colo to office). Can you please let me know what entries on my pix(s) I need to use to keep open the port 1433 between the two pixes, but block everyone else? Here's my info from the pix:
ip address outside 22.214.171.124 255.255.255.240
ip address inside 10.0.0.1 255.0.0.0
access-group 101 in interface outside
route outside 0.0.0.0 0.0.0.0 126.96.36.199 1
access-list 101 permit tcp any host 188.8.131.52 eq smtp
access-list 101 permit tcp any host 184.108.40.206 eq 1433
I do have users inside of Pix A that will need to access the SQL port. This will allow all users on this subnet to get to that box on port 1433, right? Thanks, I am new to this and it's hard making changes on a live firewall.
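An added example, not part of the original post: a small Python audit that parses the access-list lines quoted above, flags any entry permitting `any` source to a database port, and prints the commands that narrow it to one peer. The peer address 192.0.2.10 is a constructed placeholder for the other PIX's outside address (assuming its traffic arrives from a single known public IP), and the restricted-port set is an assumption.

```python
import re

# ACL lines copied from the post above.
PAGE_ACL = """\
access-list 101 permit tcp any host 188.8.131.52 eq smtp
access-list 101 permit tcp any host 184.108.40.206 eq 1433
"""

# Assumption: ports that should never be reachable from arbitrary sources.
RESTRICTED_PORTS = {"1433", "1434", "1521", "3306"}

# Address forms in a PIX extended ACL: any | host <ip> | <ip> <mask>
ADDR = r"(?:any|host\s+\S+|\d+\.\d+\.\d+\.\d+\s+\d+\.\d+\.\d+\.\d+)"
ENTRY = re.compile(
    rf"^access-list\s+(?P<acl>\S+)\s+(?P<action>permit|deny)\s+(?P<proto>\S+)\s+"
    rf"(?P<src>{ADDR})\s+(?P<dst>{ADDR})(?:\s+eq\s+(?P<port>\S+))?\s*$"
)


def find_open_entries(config, restricted=RESTRICTED_PORTS):
    """Return parsed entries that permit any source to a restricted port."""
    hits = []
    for line in config.splitlines():
        m = ENTRY.match(line.strip())
        if (m and m["action"] == "permit" and m["src"] == "any"
                and m["port"] in restricted):
            hits.append(m.groupdict())
    return hits


def restrict_to_peer(entry, peer_ip):
    """Commands that replace an any-source permit with a single-host permit.

    The narrow permit is added first and the broad one removed second, so
    the peer keeps access while the change is applied on a live firewall.
    """
    def cmd(src):
        return (f'access-list {entry["acl"]} permit {entry["proto"]} '
                f'{src} {entry["dst"]} eq {entry["port"]}')
    return [cmd(f"host {peer_ip}"), "no " + cmd("any")]


if __name__ == "__main__":
    PEER = "192.0.2.10"  # constructed placeholder for the other PIX's outside IP
    for entry in find_open_entries(PAGE_ACL):
        print("exposed:", entry["dst"], "port", entry["port"])
        for line in restrict_to_peer(entry, PEER):
            print("  " + line)
```

Only the 1433 entry is flagged; the SMTP entry is left alone because mail has to accept connections from any source.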