PIX Port Redirect and Access Control List Review - PowerPoint PPT Presentation

Provided by: michael1281

Transcript and Presenter's Notes


1
PIX Port Redirect and Access Control List Review
2
PIX lab la
3
Port Redirection Syntax
  • Network Translation
  • static [(internal_if_name, external_if_name)]
    {global_ip | interface} local_ip [netmask mask]
    [max_conns [emb_limit [norandomseq]]]
  • Port Redirection
  • static [(internal_if_name, external_if_name)]
    {tcp | udp} {global_ip | interface} global_port
    local_ip local_port [netmask mask] [max_conns
    [emb_limit [norandomseq]]]

4
Access Control and Port Redirection
  • External users direct WWW requests to the unique IP
    address 172.17.14.x, which the PIX redirects to
    192.168.x.y
  • static (inside,outside) tcp interface http
    192.168.x.y http netmask 255.255.255.255 0 0
  • access-list INBOUND permit tcp any any eq www
  • External users direct RDP (3389) requests to the unique
    IP address 172.17.14.x, which the PIX redirects
    to 192.168.x.y
  • static (inside,outside) tcp interface 3389
    192.168.x.y 3389 netmask 255.255.255.255 0 0
  • access-list INBOUND permit tcp any any eq 3389
  • External users direct FTP requests to the unique IP
    address 172.17.14.x, which the PIX redirects to
    192.168.x.y
  • static (inside,outside) tcp interface 21
    192.168.x.y ftp netmask 255.255.255.255 0 0
  • access-list INBOUND permit tcp any any eq ftp
  • External users direct SMTP requests to the unique IP
    address 172.17.14.x, which the PIX redirects to
    192.168.x.z
  • static (inside,outside) tcp interface smtp
    192.168.x.z smtp netmask 255.255.255.255 0 0
  • access-list INBOUND permit tcp any any eq smtp
  • External users direct RDP (3390) requests to the unique
    IP address 172.17.14.x, which the PIX redirects
    to 192.168.x.z
  • static (inside,outside) tcp interface 3390
    192.168.x.z 3390 netmask 255.255.255.255 0 0
  • access-list INBOUND permit tcp any any eq 3390
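
A review check for the pairing on this slide: each `static` port redirect needs an `access-list` permit for the same global port, and a permit with no redirect behind it deserves a second look. This is an added example, not part of the presentation; the function names and the sample configuration are constructed, and only `permit tcp|udp ... eq <port>` entries with `any` or `host` addresses are parsed.

```python
import re

# PIX port literals that appear on the slide; other names are out of scope here.
PORT_NAMES = {"www": 80, "http": 80, "ftp": 21, "smtp": 25}

STATIC_RE = re.compile(
    r"^static\s+\((\w+),\s*(\w+)\)\s+(tcp|udp)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)")
ACL_RE = re.compile(
    r"^access-list\s+(\S+)\s+permit\s+(tcp|udp)\s+(any|host\s+\S+)"
    r"\s+(any|host\s+\S+)\s+eq\s+(\S+)")

def port(tok):
    """Resolve a numeric port or a known PIX port literal."""
    return int(tok) if tok.isdigit() else PORT_NAMES[tok.lower()]

def audit(config):
    """Return (redirects with no permit, permits with no redirect)."""
    redirects, permits = [], []
    for line in config.splitlines():
        line = line.strip()
        if m := STATIC_RE.match(line):
            # (protocol, global port, local IP, local port)
            redirects.append((m[3], port(m[5]), m[6], port(m[7])))
        elif m := ACL_RE.match(line):
            permits.append((m[2], port(m[5])))
    # PIX OS checks the inbound ACL against the global (pre-translation)
    # port, so that is the port each permit has to match.
    unreachable = [r for r in redirects if (r[0], r[1]) not in permits]
    redirected = {(r[0], r[1]) for r in redirects}
    unused = [p for p in permits if p not in redirected]
    return unreachable, unused

# Constructed sample: the 3390 redirect has no permit, and smtp is
# permitted although nothing is redirected for it.
SAMPLE = """\
static (inside,outside) tcp interface http 192.168.1.10 http netmask 255.255.255.255 0 0
static (inside,outside) tcp interface 3389 192.168.1.10 3389 netmask 255.255.255.255 0 0
static (inside,outside) tcp interface 3390 192.168.1.20 3390 netmask 255.255.255.255 0 0
access-list INBOUND permit tcp any any eq www
access-list INBOUND permit tcp any any eq 3389
access-list INBOUND permit tcp any any eq smtp
"""

if __name__ == "__main__":
    unreachable, unused = audit(SAMPLE)
    for proto, gport, lip, lport in unreachable:
        print(f"no permit for {proto}/{gport} -> {lip}:{lport}")
    for proto, gport in unused:
        print(f"permit {proto}/{gport} has no matching redirect")
```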

5
Network Time Protocol
  • Correction: The PIX firewall can ONLY be an NTP
    client; it cannot be a reference for NTP
  • How do I know if it is synching?
  • pixfirewall# show ntp status
  • Clock is synchronized, stratum 10, reference is
    65.112.68.6
  • nominal freq is 99.9967 Hz, actual freq is
    99.9946 Hz, precision is 2**6
  • reference time is c8d674d2.a27782a1 (14:36:50.634
    CDT Tue Oct 10 2006)
  • clock offset is 12.2825 msec, root delay is 53.59
    msec
  • root dispersion is 795.49 msec, peer dispersion
    is 10.41 msec
  • pixfirewall# show clock detail
  • 14:37:39.521 CDT Tue Oct 10 2006
  • Time source is NTP
  • Summer time starts 02:00:00 CST Sun Apr 2 2006
  • Summer time ends 02:00:00 CDT Sun Oct 29 2006

6
Sample Config ACL Review
  • sample config.doc
  • showaccess-list.doc