We have a set of servers installed in our lab as they will be in the field with the firewall between them and our in-house network. We want to temporarily allow users on our in-house network (connected to the outside interface) to have telnet access to the servers on the inside interface. Whenever I try to do this using the SDM (v3) it takes the access rule but when I display it after its applied, it has applied the rule between the outside and DMZ interfaces. What am I doing wrong?
If I understand you correctly, you have a PIX with 3 interfaces and you want to allow access from the outside one to some servers on the inside one - correct? Are you usinng NAT? Can you post the config?
Yes, there are three interfaces: outside, inside, dmz.
I was able to correct it over the weekend. The problem seems to be a tried to take a simple step first and use the wild card 0.0.0.0 0.0.0.0 for the Inside network. Whenever I used this it would take it but then when I examine it after applying, it always applied it to the DMZ interface.
When I applied the rule only to the network I wanted on the Inside - 192.168.249.0 /24, it worked as expected.
Thanks for the help. I was able to resolve the issue over the weekend. (see post above).
I do have another problem. Connected directly to the inside port via crossed cable is the inside router. Since there is no switch or hub, I have no port to connect a PC to configure the firewall. Is there a way to set the firewall to allow configuration from a network (192.168.249.0) on the inside port other than the network the inside port is directly connected (192.168.1.0)?
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...