20 Most Recent
Cisco PIX 515E Firewall Questions & Answers
Pix 515 E allow few websites only.
Do the nslookup for the three websites and write an access list to permit the traffic only to the said website ip addresses
Eg.
1. go to dos prompt
2. type "nslookup"
3. type "www.rediff.com
Note : You will get the ip address of the websites
4. Create an object group for these websites
5. Add ip addresses of the websites
6. create an access-control list element to permit the traffic from your circle office to this object group for port tcp 80 and 443
You are done
Cisco pix 515
You have to create a route statement to allow workstations to get online.
Below is the command:
route interface_name ip_address netmask gateway_ip
Example:
route outside 0.0.0.0 0.0.0.0 200.200.200.1
or
route outside 0 0 200.200.200.1
When there is already a route statement but still cannot get online, check the DNS settings.
How ti block the orkut in cisco firewall pix515E
you can only block orkut sites that you know by IP but the Pix alone cannot do it since it requires an application like websense to do URL filtering. If you have the IPs and need help creating the ACLs, feel free to let me know
Restricting websites at router or firewall level
Hello,
The pix does not allow you to block urls except if you use it in conjunction with websense for example. You could however deny all outgoing traffic to port 80 except for the ip address of the websites you want to be able to access.
To do that you would setup an access-list allowing you internal network to access certain ips on port 80 and deny all other traffic outgoing.
Let me know if you need more information on how to accomplish this.
Pix 515E inside to outside translation problem
Dear Kiran,
What is the name assigned for isp 1 as well as isp2.
for your reference kindly find the sample configuration......
ISP 1:
interface ethernet 0 100 full
nameif outside security-lvl 0
ip address outside 203.193.129.132 255.255.255.240.
nat (inisde) 1 (local network)
global (outside) 1 203.193.129.133
route outside 0 0 203.193.129.129.1.
regards,
mani.S
Cisco Router Customer Care Phone'@#[+1^84433O*233O-] numbeR USA
Warning SCAM - DO NOT CALL THESE NUMBERS. These phony support numbers send you to criminal call centers where they will install malware, steal ID and/or extort money from you . Please only ever use the support contacts from the official company website
Cisco Router Customer Care pHoNe @{+l^84433O*233O} nUmBeR USA
THIS IS A SCAM- DO NOT CALL THESE NUMBERS. These phony support numbers send you to criminal call centers where they will install malware, steal ID and/or extort money from you . Please only ever use the support contacts from the official company website
Not finding what you are looking for?