PIX 501 and Windows Home Server

Discussion in 'Cisco' started by phoenyx76, Feb 28, 2008.

  1. phoenyx76

    phoenyx76

    Joined:
    Feb 28, 2008
    Messages:
    1
    Likes Received:
    0
    I was curious if anyone has had any success with the WHS Console port access on a PIX 501?
    I have the translation and the rule in the FW to allow 4125 inbound however I am still unable to access the console?
    Here is a sample of my config....Thanks!

    : Written by enable_15 at 19:44:04.444 MST Mon Feb 25 2008
    PIX Version 6.3(5)
    interface ethernet0 auto
    interface ethernet1 100full
    nameif ethernet0 outside security0
    nameif ethernet1 inside security100
    enable password "MYPASSWORD" encrypted
    passwd "MYPASSWORD" encrypted
    hostname pixfirewall
    domain-name mydomain.net
    clock timezone MST -7
    fixup protocol dns maximum-length 512
    fixup protocol ftp 21
    fixup protocol h323 h225 1720
    fixup protocol h323 ras 1718-1719
    fixup protocol http 80
    fixup protocol rsh 514
    fixup protocol rtsp 554
    fixup protocol sip 5060
    fixup protocol sip udp 5060
    fixup protocol skinny 2000
    fixup protocol smtp 25
    fixup protocol sqlnet 1521
    fixup protocol tftp 69
    names
    name xxx.xxx.xxx.xxx SERVER
    access-list inbound permit tcp any interface outside eq https
    access-list inbound permit tcp any interface outside eq 4125
    access-list inbound deny ip any any
    pager lines 24
    logging on
    logging timestamp
    logging trap notifications
    logging device-id ipaddress inside
    logging host inside SERVER format emblem
    icmp deny any outside
    mtu outside 1500
    mtu inside 1500
    ip address outside dhcp setroute retry 4
    ip address inside xxx.xxx.xxx.xxx 255.255.255.0
    ip audit info action alarm
    ip audit attack action alarm
    pdm location SERVER 255.255.255.255 inside
    pdm location xxx.xxx.xxx.0 255.255.255.255 inside
    pdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 1 0.0.0.0 0.0.0.0 0 0
    static (inside,outside) tcp interface https SERVER https netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface 4125 SERVER 4125 netmask 255.255.255.255 0 0
    access-group inbound in interface outside
    rip outside default version 2
    rip inside default version 2
    timeout xlate 0:05:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
    timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
    timeout sip-disconnect 0:02:00 sip-invite 0:03:00
    timeout uauth 0:05:00 absolute
    aaa-server TACACS+ protocol tacacs+
    aaa-server TACACS+ max-failed-attempts 3
    aaa-server TACACS+ deadtime 10
    aaa-server RADIUS protocol radius
    aaa-server RADIUS max-failed-attempts 3
    aaa-server RADIUS deadtime 10
    aaa-server LOCAL protocol local
    ntp server 132.163.4.213 source outside prefer
    http server enable
    http xxx.xxx.xxx.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server community public
    no snmp-server enable traps
    floodguard enable
    telnet timeout 5
    ssh xxx.xxx.xxx.0 255.255.255.0 inside
    ssh xxx.xxx.xxx.0 255.255.255.255 inside
    ssh timeout 5
    console timeout 0
    dhcpd address xxx.xxx.xxx.10-xxx.xxx.xxx.15 inside
    dhcpd dns SERVER 4.2.2.2
    dhcpd lease 3600
    dhcpd ping_timeout 750
    dhcpd domain mydomain.net
    dhcpd auto_config outside
    dhcpd enable inside
    terminal width 80
    Cryptochecksum:fc41019fead6185c6305a16aa2f6f6cf
     
    phoenyx76, Feb 28, 2008
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.