I have a PIX firewall 520 with six PIX interfaces. Is it possible on a PIX firewall to create a conduit that pertains to each PIX interface. For example, I may have one interface to a vendor and the outside interface to the Internet. For the interface that corresponds to the Internet I want SMTP traffic to flow. However for the interface that corresponds to the vendor I do not need SMTP on that interface at all.
now lets say you want to receive mail (smtp) from the whole Internet:
conduit permit tcp host 188.8.131.52 eq smtp any
If you use a mail relay on the outside, limit your conduit to only allow the mail relay server to connect to the inside mail server:
conduit permit tcp host 184.108.40.206 eq smtp host 220.127.116.11 (assuming 18.104.22.168 is the outside relay server)
Now all we did was gave all outside hosts access to the smtp server but are not allowing inbound traffic from the perimeter (vendor) network.
If you need the smtp server to get to (initiate a connection) the vendor network, a global (vendor) pool will allow it to get there or a static translation to the vendor network. If the vendor network needs access to the smtp server (needs to initiate traffic) then just add the appropriate conduits.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...