How can I check the configuration of firewall is correct or is working

wailapchan · ‎04-11-2002

Dear all professional,

I am new to PIX and I have to configure it. Now I have the following questions, please spend time to answer me.

1. After I finish configuring the PIX, how can I check it whether it works.

2. What I need to pay attention?

3. In the configuration file, the following command:

access-list 100 permit tcp any host XX.XX.XX.XX eq YY,

XX.XX.XX.XX is the ip of host while yy is port number.

I have 3 hosts connect to PIX, they are

EMAIL server(mtp) port number:25

MYSQL Database port number:3306

XML Database port number : unknown.

Could you please tell me how I can determine the port number.

4. Is anyone would like to give me a hint in assisting me finish the configuration of PIX if you are free. If yes, please email me, and I will send him/her the diagram. So, I will appreciate it very much.

Thank you for your attention and I look forward to hear from you soon.

Best Regards

...

s-doyle · ‎04-17-2002

If it’s a new PIX and still under warranty, it wouldn’t hurt to get a TAC engineer to double-check your config and see if anything needs tweaking. After warranty, you’ll probably want to buy a support contract anyway because they are always solidifying the code and adding features.

The best way to see what your PIX is doing is to look into the debugging log files. It tells you what’s being built and torn-down. Allowed and blocked. You’ll also see the denies for your XML database application and you can look at the port number(s) right there so you’ll know what to open up.