PIX and Proxy

Thread: PIX and Proxy

Search this list only Search all lists
PIX and Proxy
	2006-05-12 16:08:49
Hi Friends, I need to allow only one IP address places INSIDE(the one for the proxy server) to browse through the PIX firewall to the Internet. What will be the commands in the PIX firewall to block traffic to the Internet from all the network 192.168.101.0/24 but only allow 192.168.101.2 (MS ISA Proxy/Webcacehe only using single NIC)? Thanks Zia __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ------------------------ Yahoo! Groups Sponsor --------------------~--> Protect your PC from spy ware with award winning anti spy technology. It's free. http://us.click.yahoo.com/97bhrC/LGxNAA/yQLSAA/kgFolB/TM ------------------------------------------------------------ --------~-> Yahoo! Groups Links <> To visit your group on the web, go to: http://gr oups.yahoo.com/group/PIX_Firewall/ <> To unsubscribe from this group, send an email to: PIX_Firewall-unsubscribe@yahoogroups.com <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.c om/info/terms/

PIX and Proxy
	2006-05-14 10:53:44

Pix#conf t Pix#access-list 101 permit tcp host 192.168.101.2 any eq 80 Pix#access-list 101 deny ip any any Pix#access-group 101 out interface outside All outbound traffic is blocked accept from ISA server. *Zia Khan <zia_khan2kyahoo.com>* wrote: Hi Friends, I need to allow only one IP address places INSIDE(the one for the proxy server) to browse through the PIX firewall to the Internet. What will be the commands in the PIX firewall to block traffic to the Internet from all the network 192.168.101.0/24 but only allow 192.168.101.2 (MS ISA Proxy/Webcacehe only using single NIC)? Thanks Zia __________________________________________________ Do You Yahoo!? Tired of spam? ; Yahoo! Mail has the best spam protection around http://mail.yahoo.com
PIX and Proxy
	2006-05-15 03:09:30

Thomson Sid and Zia, Please have a look at this... Pix#conf t Pix(config)#access-list 101 permit tcp host 192.168.101.2 any eq 80 Pix(config)#access-list 101 permit udp host 192.168.101.2 any eq 53 // allowing dns requests Pix(config)#access-list 101 permit tcp host 192.168.101.2 any eq 443 //for https traffic Pix(config)#access-list 101 deny ip any any // this line is not required coz its implicit deny anywayz Pix(config)#access-group 101 in interface inside Pix(config)#wr mem Try this...however.... just out of curiosity are u using PIX 7.x code by any chance? rgds Kris... *Thomson siddhartha <thomsonsidyahoo.co.in>* wrote: Pix#conf t Pix#access-list 101 permit tcp host 192.168.101.2 any eq 80 Pix#access-list 101 deny ip any any Pix#access-group 101 out interface outside All outbound traffic is blocked accept from ISA server. *Zia Khan <zia_khan2kyahoo.com>* wrote: Hi Friends, I need to allow only one IP address places INSIDE(the one for the proxy server) to browse through the PIX firewall to the Internet. What will be the commands in the PIX firewall to block traffic to the Internet from all the network 192.168.101.0/24 but only allow 192.168.101.2 (MS ISA Proxy/Webcacehe only using single NIC)? Thanks Zia __________________________________________________ Do You Yahoo!? Tired of spam? ; Yahoo! Mail has the best spam protection around http://mail.yahoo.com What makes Sachin India's highest paid sports celebrity?, Share your knowledge on Yahoo! India Answers Send instant messages to your online friends - NOW What makes Sachin India's highest paid sports celebrity?, Share your knowledge on Yahoo! India Answers Send instant messages to your online friends - NOW
PIX and Proxy
	2006-05-15 09:51:37
Thanks Sidhartha --- Thomson siddhartha <thomsonsidyahoo.co.in> wrote: > Pix#conf t > Pix#access-list 101 permit tcp host 192.168.101.2 > any eq 80 > Pix#access-list 101 deny ip any any > Pix#access-group 101 out interface outside > > All outbound traffic is blocked accept from ISA > server. > > Zia Khan <zia_khan2kyahoo.com> wrote: > Hi Friends, > > I need to allow only one IP address places > INSIDE(the > one for the proxy server) to browse through the PIX > firewall to the Internet. What will be the commands > in > the PIX firewall to block traffic to the Internet > from > all the network 192.168.101.0/24 but only allow > 192.168.101.2 (MS ISA Proxy/Webcacehe only using > single NIC)? > > Thanks > Zia > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam > protection around > http://mail.yahoo.com > > > > > --------------------------------- > YAHOO! GROUPS LINKS > > > Visit your group "PIX_Firewall" on the web. > > To unsubscribe from this group, send an email > to: > PIX_Firewall-unsubscribe@yahoogroups.com > > Your use of Yahoo! Groups is subject to the > Yahoo! Terms of Service. > > > --------------------------------- > > > > > > --------------------------------- > What makes Sachin India's highest paid sports > celebrity?, Share your knowledge on Yahoo! India > Answers > Send instant messages to your online friends - NOW > > --------------------------------- > What makes Sachin India's highest paid sports > celebrity?, Share your knowledge on Yahoo! India > Answers > Send instant messages to your online friends - NOW __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ------------------------ Yahoo! Groups Sponsor --------------------~--> Protect your PC from spy ware with award winning anti spy technology. It's free. http://us.click.yahoo.com/97bhrC/LGxNAA/yQLSAA/kgFolB/TM ------------------------------------------------------------ --------~-> Yahoo! Groups Links <> To visit your group on the web, go to: http://gr oups.yahoo.com/group/PIX_Firewall/ <> To unsubscribe from this group, send an email to: PIX_Firewall-unsubscribe@yahoogroups.com <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.c om/info/terms/

[1-4]

about | contact Other archives ( Real Estate discussion Medical topics )