Cisco Support Community
New Member

how to configure pix to let IDS traffic go through

Need a configuration sample on a PIX to let IDS traffic go through the PIX. The director is inside the PIX firewall and the sensor is outside the PIX.

2 REPLIES
New Member

Re: how to configure pix to let IDS traffic go through

Hello,

It sounds like you are trying to pass the Cisco PostOffice protocol. If this is true, you would build your access-lists to permit UDP 45000 between the two hosts.

192.168.1.1 is the director.

172.16.1.1 is the C&C interface of the IDS.

"inside" is the name of the inside interface (where the director is located).

"outside" is the name of the outside interface (the interface on the PIX where the C&C interface is located).

access-list inside_acl permit udp host 192.168.1.1 eq 45000 host 172.16.1.1 eq 45000
access-list outside_acl permit udp host 172.16.1.1 eq 45000 host 192.168.1.1 eq 45000
access-group inside_acl in interface inside
access-group outside_acl in interface outside

If this is for a production network, you may want to contact TAC to make sure this is the best deployment. You would normally not want to put the command and control interface on the outside interface of your PIX without some encryption. Encryption features are available that can be used for remote deployment of a director and an IDS sensor. If you decide to use encryption, then the access-lists above will be useless.

Hope this helps....
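Added example, not part of the reply above: a fuller PIX 6.x fragment around the same ACL pair. It keeps the addresses and interface names the reply assumes (director 192.168.1.1 on inside, sensor C&C 172.16.1.1 on outside) and adds what the reply leaves out. First, the identity static the PIX needs before it will build a connection for a datagram arriving on outside that is addressed to an inside host; without it the outside ACL permit is matched but the packet still has no translation and is dropped. Second, what the outside ACL has to admit if the PostOffice traffic is instead carried in an IPsec tunnel terminated on the PIX: ISAKMP and ESP from the sensor to the PIX outside address, which is assumed here to be 172.16.1.254. The ISAKMP policy, transform set and crypto map are omitted.

```cisco
! Added example (not from the original post). Addresses and interface names
! follow the reply: director 192.168.1.1 behind "inside", sensor C&C
! 172.16.1.1 on the "outside" segment. The PIX outside address 172.16.1.254
! is an assumption made for this example.

! 1. Cleartext PostOffice: UDP 45000 host-to-host in both directions, both
!    source and destination port pinned so nothing else on either host is
!    reachable through these entries. Everything else hits the implicit deny.
access-list inside_acl permit udp host 192.168.1.1 eq 45000 host 172.16.1.1 eq 45000
access-list outside_acl permit udp host 172.16.1.1 eq 45000 host 192.168.1.1 eq 45000
access-group inside_acl in interface inside
access-group outside_acl in interface outside

! Sensor-initiated datagrams need a translation for the director as well as
! an ACL permit. An identity static exposes 192.168.1.1 under its own address
! and also covers the director's outbound packets to the sensor.
static (inside,outside) 192.168.1.1 192.168.1.1 netmask 255.255.255.255

! 2. Encrypted alternative, IPsec terminated on the PIX: the outside ACL must
!    admit the tunnel itself (IKE on UDP 500 and ESP) from the sensor to the
!    PIX outside address. Once sysopt connection permit-ipsec is set, packets
!    decrypted from the tunnel bypass the interface ACLs, so the UDP 45000
!    entries above are no longer what admits the PostOffice traffic.
access-list outside_acl permit udp host 172.16.1.1 host 172.16.1.254 eq isakmp
access-list outside_acl permit esp host 172.16.1.1 host 172.16.1.254
sysopt connection permit-ipsec
```

Verify the cleartext path with `show conn` while the sensor and director are exchanging PostOffice traffic: a UDP connection between the two hosts on port 45000 should appear in both directions. If the outside ACL counter increments but no connection is built, the missing piece is usually the static.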

New Member

Re: how to configure pix to let IDS traffic go through

Many thanks, it works.
