PIX 506E PDM 3.0(1) PIX 6.3(3) NAT/PAT (Part 4)

Discussion in 'Cisco' started by Michiel, Aug 25, 2006.

  1. Michiel

    Michiel Guest

    Hello All,

    A new post again for my PIX problems... ;) hehe... I am experiencing a
    problem with downloading from newsgroups... the server i am downloading is
    in the network of my own provider... When i start a download it starts... at
    the max speed... very quickly... but after i think 1,5MB transferred the
    connection stalls... it is completely frozen... when i close the program and
    restart it... it contineus...

    Has anyone an idea...? i thought it had something to do with the fixup
    thing... but it seems not like that...

    Sincerely,
    Michiel





    : Saved
    :
    PIX Version 6.3(3)
    interface ethernet0 auto
    interface ethernet1 auto
    nameif ethernet0 outside security0
    nameif ethernet1 inside security100
    enable password ************passwd ************ encrypted
    hostname firewall
    domain-name test.local
    fixup protocol dns maximum-length 512
    fixup protocol ftp 21
    fixup protocol h323 h225 1720
    fixup protocol h323 ras 1718-1719
    fixup protocol http 80
    fixup protocol ils 389
    fixup protocol pptp 1723
    fixup protocol rsh 514
    fixup protocol rtsp 554
    fixup protocol sip 5060
    fixup protocol sip udp 5060
    fixup protocol skinny 2000
    no fixup protocol smtp 25
    fixup protocol sqlnet 1521
    fixup protocol tftp 69
    names
    name 192.168.68.1 PC1
    access-list outside_access_in permit icmp any any echo-reply
    access-list outside_access_in remark UDP - DNS
    access-list outside_access_in permit udp any any eq domain
    access-list outside_access_in remark TCP - DNS
    access-list outside_access_in permit tcp any any eq domain
    access-list outside_access_in remark TCP - FTP Data
    access-list outside_access_in permit tcp any any eq ftp-data
    access-list outside_access_in remark TCP - FTP
    access-list outside_access_in permit tcp any any eq ftp
    access-list outside_access_in remark TCP - HTTP
    access-list outside_access_in permit tcp any any eq www
    access-list outside_access_in remark TCP - HTTPS
    access-list outside_access_in permit tcp any any eq https
    access-list outside_access_in remark TCP - SMTP
    access-list outside_access_in permit tcp any any eq smtp
    access-list outside_access_in remark TCP - RDP
    access-list outside_access_in permit tcp any any eq 3389
    access-list outside_access_in remark TCP - Webbased / Remote Admin
    access-list outside_access_in permit tcp any any range 7698 7704
    access-list outside_access_in remark IP - GRE
    access-list outside_access_in permit tcp any any eq pptp
    access-list outside_access_in remark TCP - PPTP
    access-list outside_access_in permit gre any any
    pager lines 24
    mtu outside 1500
    mtu inside 1500
    ip address outside 192.168.168.2 255.255.255.252
    ip address inside 192.168.68.8 255.255.255.0
    ip audit info action alarm
    ip audit attack action alarm
    pdm location PC1 255.255.255.255 inside
    pdm logging informational 100
    pdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 1 192.168.68.0 255.255.255.0 0 0
    static (inside,outside) tcp interface pptp PC1 pptp netmask 255.255.255.255
    0 0
    static (inside,outside) tcp interface 7700 PC1 7700 netmask 255.255.255.255
    0 0
    static (inside,outside) tcp interface 7701 PC1 7701 netmask 255.255.255.255
    0 0
    static (inside,outside) tcp interface 7699 PC1 7699 netmask 255.255.255.255
    0 0
    static (inside,outside) tcp interface smtp PC1 smtp netmask 255.255.255.255
    0 0
    static (inside,outside) tcp interface www PC1 www netmask 255.255.255.255 0
    0
    static (inside,outside) tcp interface domain PC1 domain netmask
    255.255.255.255 0 0
    static (inside,outside) udp interface domain PC1 domain netmask
    255.255.255.255 0 0
    static (inside,outside) tcp interface ftp PC1 ftp netmask 255.255.255.255 0
    0
    static (inside,outside) tcp interface ftp-data PC1 ftp-data netmask
    255.255.255.255 0 0
    static (inside,outside) tcp interface https PC1 https netmask
    255.255.255.255 0 0
    static (inside,outside) tcp interface 3389 PC1 3389 netmask 255.255.255.255
    0 0
    access-group outside_access_in in interface outside
    route outside 0.0.0.0 0.0.0.0 192.168.168.1 1
    timeout xlate 0:05:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225
    1:00:00
    timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
    timeout uauth 0:05:00 absolute
    aaa-server TACACS+ protocol tacacs+
    aaa-server RADIUS protocol radius
    aaa-server LOCAL protocol local
    http server enable
    http 192.168.68.0 255.255.255.0 inside
    floodguard enable
    telnet 192.168.68.0 255.255.255.0 inside
    telnet timeout 5
    ssh timeout 5
    console timeout 0
    terminal width 80
    : end
    [OK]
    Michiel, Aug 25, 2006
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Michiel
    Replies:
    4
    Views:
    4,628
    Michiel
    Aug 22, 2006
  2. Michiel
    Replies:
    2
    Views:
    759
    Michiel
    Aug 22, 2006
  3. Michiel
    Replies:
    19
    Views:
    1,107
    Michiel
    Aug 24, 2006
  4. dgr7
    Replies:
    0
    Views:
    477
  5. kasonne

    PAT and NAT Pix 506E

    kasonne, Dec 2, 2009, in forum: Cisco
    Replies:
    1
    Views:
    624
    kasonne
    Dec 9, 2009
Loading...

Share This Page