Re: AAA Authentication at Outside interface for port 1433
You might have to add a "aaa authorization". This will protect your 126.96.36.199 server from anyone who's trying to hit w/ port 1433. User will have to perform an authentication on port http first, then will be authorize to use tcp/1433 thru the PIX.
You may end up w/ a command like this (sorry I'm old and not using the match ACL command set)
aaa authorization include tcp/1433 outside 188.8.131.52 255.255.255.255 0.0.0.0 0.0.0.0 AuthServer
Also PIX will let user authenticate w/ tcp-port 21(ftp),23(telnet) and 80(http) only. Not sure w/ tcp/443(https).
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...