So I am configuring my PIX 506E through PDM and am having problems getting the rules to work properly.
What I really need is an example config of how it should look, blocking inbound ports and some outbound ports. I have tried many variations and have yet to nail the config. RTFM, done it, and it seems that the manual and the actual way it works are different.
Okay, sorry for not being more specific. I am setting the PIX up in a test lab, for the time being. Eventually it will be deployed to the Corp. network but we have testing to do first.
The Test: Set up the firewall to allow normal connections out (HTTP, FTP, PC-anywhere, etc.) and restrict access back in. After that I have to start blocking streaming media in. My web guys are going to try to hack it so they can get the media past most firewalls (our company lives off streaming media purchased by other companies and we have problems every now and then with their firewalls, thus the test).
After these tests, the PIX will serve as our company firewall with normal access to mail and what not (web-etc...)
I read through the manual and it seems I have everything set up right but it fails my tests (i.e. tested a block out-bound http port 80) yet the web traffic still gets through.
Okay, so this is weird. I looked through this config and I have rules there that are long gone...PDM doesn't show the AOL IM rule anymore...
See attached screen shot of PDM.
Note that I am simply trying to test how rules are set up so I can make my final config. I have tried several different variations of this but my interpretations of the manual say it is supposed to look like this:
If something is in the config that is no longer visible in the PDM, then I would recommend resetting the config. If you make changes to the configuration, I would strongly recommend that you use only the PDM or only the Command Line Interface. Do not mix the PDM and the CLI. Some things you enter using the CLI may not be interpreted correctly by the PDM.
To reset the config:
Please connect a console cable after doing this. The PIX will start the configuration wizard after the commands above.