Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

What Does FIXUP PROTOCOL Do?

What's the point of the FIXUP statement? Is this the protocols allowed through the PIX? I have the default ones in place, but I can still TELNET through. Why?

Also:

The reason I'm asking is that I need to do an ANY rule (Check Point termingology) that will permit ANY protocol/port from the inside. If I have to specifiy every protocol/port, using the FIXUP directive, I'll be there forever. How do I do an ANY protocol/port source rule?

TIA

Dave

1 REPLY
Bronze

Re: What Does FIXUP PROTOCOL Do?

In your situation telnet should work fine without fixup protocols at all. What version of PIX code do you use? I bet your probably running into a bug on an ED code version.

Fixup is handling for special protocols like FTP which requires two ports, SMTP which toggles the mail security feature, etc. Check out the description in the command reference for details:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v53/config/commands.htm#xtocid223322. The PIX by default is everything out, nothing in. All protocols and ports are allowed except icmp. All you have to do is configure NAT (or no-NAT) to get through the thing.

443
Views
0
Helpful
1
Replies
CreatePlease login to create content