Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > General Computer Discussion > General Computer Support > PIX 506e config via PDM

Reply
Thread Tools

PIX 506e config via PDM

 
 
mbvales mbvales is offline
Junior Member
Join Date: Aug 2006
Posts: 4
 
      08-26-2006
Is anybody out there to help me on how to allow the pcanywhere communication from outside network to any of my internal IP behind PIX 506e via PDM? help would be greatly appreciated. Thanks
 

Last edited by mbvales; 08-29-2006 at 12:35 PM..
Reply With Quote
 
 
 
 
mbvales mbvales is offline
Junior Member
Join Date: Aug 2006
Posts: 4
 
      08-29-2006
Hi to all, anybody can help on how to allow pcanywhere on PIX and to translate or point my outside interface from my pix (real IP) to any of my local internal IP (e.g. 192.168.0.20). I used hyperterminal or PDM but I preferred the GUI command.

Here's my config: (Fake IP)

PIX Version 6.3(5)
interface ethernet0 auto
interface ethernet1 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password hbNy3ju8pQKZ0U57 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname xxxxxxx
domain-name xxxxxxxxxx.com
clock timezone PKT 5
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
object-group service OUTTCP tcp
description allowed internal outbound TCP services
port-object eq telnet
port-object eq www
port-object eq ssh
port-object eq pop3
port-object eq ftp
port-object eq https
port-object eq smtp
object-group service OUTUDP udp
description allowed internal outbound UDP services
port-object eq domain
port-object eq ntp
object-group network LOCALNET
description internal network
network-object 192.168.0.0 255.255.255.0
network-object 192.168.1.0 255.255.255.0
network-object 192.168.2.0 255.255.255.0
access-list outside_access_in permit ip any any
access-list outside_access_in permit tcp interface outside host 192.168.0.20 eq pcanywhere-data
access-list outside_access_in permit tcp interface outside host 192.168.0.20 eq https
access-list outside_access_in permit tcp interface outside host 192.168.0.20 range pcanywhere-data 5632
access-list outside_access_in permit tcp interface outside host 192.168.0.20 range https https
pager lines 24
mtu outside 1500
mtu inside 1500
ip address outside 202.124.141.26 255.255.255.248
ip address inside 192.168.1.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm location 192.168.0.0 255.255.255.0 inside
pdm location 192.168.1.2 255.255.255.255 inside
pdm location 202.124.141.25 255.255.255.255 outside
pdm location 192.168.2.0 255.255.255.0 inside
pdm location 195.127.106.0 255.255.255.0 outside
pdm location 192.168.0.20 255.255.255.255 inside
pdm group LOCALNET inside
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
global (outside) 3 192.168.0.20
global (inside) 2 192.168.0.20
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,outside) 192.168.0.20 192.168.0.20 netmask 255.255.255.255 0 0
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 202.124.141.25 1
route inside 192.168.0.0 255.255.255.0 192.168.1.2 1
route inside 192.168.2.0 255.255.255.0 192.168.1.2 1
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout sip-disconnect 0:02:00 sip-invite 0:03:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
url-server (inside) vendor websense host 192.168.0.20 timeout 5 protocol TCP ver
sion 1
http server enable
http 195.127.106.0 255.255.255.0 outside
http 192.168.1.0 255.255.255.0 inside
http 192.168.0.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
telnet 192.168.0.0 255.255.255.0 inside
telnet timeout 5
ssh 195.127.106.0 255.255.255.0 outside
ssh timeout 5
console timeout 0
vpdn username admin password *********
vpdn enable outside
vpdn enable inside
dhcpd address 192.168.1.2-192.168.1.10 inside
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd auto_config outside
dhcpd enable inside
username xxxxx password AULMP2pyBpRZ4Zva encrypted privilege 15
username xxxxxxx password GlpXwGpslAIwW3Gs encrypted privilege 15
username xxxxxx password SHCeMeoGZJ.cTeqt encrypted privilege 15
terminal width 80
Cryptochecksum:28e15cd8cb8a450b50eb8bb1491a98d9
: end
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
PIX 506E PDM 3.0(1) PIX 6.3(3) NAT/PAT (Part 4) Michiel Cisco 0 08-25-2006 01:17 AM
PIX 506E PDM 3.0(1) PIX 6.3(3) NAT/PAT (Part 3) Michiel Cisco 19 08-24-2006 08:55 PM
PIX 506E PDM 3.0(1) PIX 6.3(3) NAT/PAT (Part 2) Michiel Cisco 2 08-22-2006 08:46 PM
PIX 506E PDM 3.0(1) PIX 6.3(3) NAT/PAT Michiel Cisco 4 08-22-2006 12:26 PM
PIX 506e - Can't start PDM after change old version Ms ping Cisco 1 07-08-2003 04:04 PM



Advertisments