Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco PIX 501

Hi All,

I am a newbie to Cisco PIX 501, i have recently joined this company where they have servers at Data center and they are behind this PIX501. All the configuration were done by the former sys admin.

Now i have installed Advenet Application Manager in one of the data center linux machine, this s/w is used to monitor our clients servers, now my development team has installed JBoss on the clients server and they want to monitor this server through the monitoring software.

The network admin at my clients place have allowed full access to my monitoring servers ip, and now its my trun to give full access to the the clients server's ip.

I googled and gave some try to the PIX, but in vain, it didn't work.

I had issued this command to allow full access to the clients IP.

access-list outside_access_in permit tcp any host this is the IP of my monitoring s/w.

Can some one please tell me what all others command are needed to allow full access to all ports to the clients server.

Thanks in Advance.



Re: Cisco PIX 501

When properly configured, the PIX Firewall can secure your network from outside threats. The PIX Firewall is not a turn-key system. You have to program it to identify which hosts can access your inside network and which cannot. It is your responsibility to protect your network. The PIX Firewall will not prevent all forms of security threats, but its features provide you with an arsenal of resources to repel network attacks. The PIX Firewall cannot protect your network from inside attackers. To properly protect against these threats, all persons with access to the inside network should be given only the least privilege and access they require to perform their jobs. This access should be reviewed periodically, and updated if necessary

New Member

Re: Cisco PIX 501

Posting your config will help people see the rest of what you have going on. Just change/remove and real IPs, password strings first.


Re: Cisco PIX 501

Allow access to everything by replacing "tcp" with "ip".

access-list outside_access_in permit ip any host

Or for example if you just wanted to allow tcp port 80...

access-list outside_access_in permit tcp any host eq 80