Cisco Support Community
Intrusion via NAT

I have a couple of proxy servers providing URL caching and filtering with a single NIC card. The servers are inside our private network. A PIX firewall provides the NAT from a global pool of public IP addresses for the proxy servers to connect outside.

We have discovered that if someone puts the public NAT'ed address into their browser's proxy setting, and then points their browser to one of our private-IP-addressed web servers, they can connect. This means any device that has a web server running is accessible.

We have no static mapping for the proxy servers. So I am assuming, because the proxy servers run all the time, they have a continuous connection to the outside, therefore, someone is able to "ride the wave" back inside, so to speak.

So, how do I stop this?

Thanks.
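The exposure described above is visible in the proxy's own access log: an outside client using the proxy's public address as its proxy, with a private (RFC 1918) host as the destination. The following is an added example, not code from the original thread or from Cisco, that audits such log lines. The log layout (timestamp, client IP, destination host:port, method, URL), the sample lines and the policy in `classify()` are assumptions made here for illustration.

```python
"""Audit proxy access-log lines for outside clients being proxied to
private web servers (the scenario described in the question).

Added example; the log layout and sample lines below are constructed
assumptions, not the original poster's logs or any vendor's format.
"""
import ipaddress
import re
from dataclasses import dataclass
from typing import List, Optional

# Internal address space as the question describes it: RFC 1918 plus loopback.
# Defined explicitly rather than via ipaddress.is_private, which also treats
# documentation ranges such as 198.51.100.0/24 as non-global.
INTERNAL_NETS = [
    ipaddress.ip_network(n)
    for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")
]

# Constructed sample lines (assumed layout: ts client_ip dest_host:port method url).
SAMPLE_LOG = """\
1700000000.001 10.1.2.33 www.example.com:80 GET http://www.example.com/
1700000000.002 198.51.100.7 10.1.5.20:80 GET http://10.1.5.20/admin/
1700000000.003 198.51.100.7 192.168.10.4:8080 GET http://192.168.10.4:8080/
1700000000.004 10.1.2.34 intranet.corp.example:80 GET http://intranet.corp.example/
1700000000.005 203.0.113.9 www.example.com:80 GET http://www.example.com/
"""

LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+([^:\s]+):(\d+)\s+(\S+)\s+(\S+)$")


@dataclass
class Finding:
    client: str
    dest: str
    url: str
    reason: str


def is_internal(host: str) -> Optional[bool]:
    """True/False for IP literals; None for hostnames (not resolved offline)."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return None
    return any(ip in net for net in INTERNAL_NETS)


def classify(client: str, dest: str) -> Optional[str]:
    """Return a reason string when a request violates the assumed policy:
    only internal clients may use the proxy, and no outside client may be
    proxied to an internal address. Returns None for acceptable requests."""
    if is_internal(client) is False:
        if is_internal(dest):
            return "external client proxied to private destination"
        return "external client using the proxy"
    return None


def audit(log_text: str) -> List[Finding]:
    """Parse each log line and collect the requests that violate the policy."""
    findings: List[Finding] = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that do not match the assumed layout
        _ts, client, host, _port, _method, url = m.groups()
        reason = classify(client, host)
        if reason:
            findings.append(Finding(client, host, url, reason))
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_LOG):
        print(f"{f.client} -> {f.dest} {f.url}: {f.reason}")
```

Run against real logs, any hit in the first category confirms the open-proxy path the question describes; hits in the second category show the proxy is reachable from outside at all, which is the condition to fix on the firewall or in the proxy's own client ACL.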

1 REPLY
Re: Intrusion via NAT

Add a line in the access list which is used by NAT and use the “established” argument.

http://www.cisco.com/univercd/cc/td/doc/product/atm/c8540/12_0/13_19/cmd_ref/a.htm#xtocid1