You should never post public addresses on any forum.
----- Original Message -----
From: "opportunity4sale" <opportunity4sale yahoo.com>
To: <PIX_Firewall yahoogroups.com>
Sent: Wednesday, June 14, 2006 11:27 PM
Subject: [PIX_Firewall] Help me with 2 commands please?
> I had a guy who helped me set up my PIX but now he has moved on and
> I need to add (I believe) a static & a conduit command to allow a
> user to tunnel thru the firewall to their desktop using OWA. Can
> anyone help me? Assume their station at OWA would be 1234.
>
> My current firewall is set up as: (IPs changed for security's sake)
>
> interface ethernet0 auto
> interface ethernet1 auto
> nameif ethernet0 outside security0
> nameif ethernet1 inside security100
> hostname MyPix
> fixup protocol ftp 21
> fixup protocol http 80
> fixup protocol h323 1720
> fixup protocol rsh 514
> fixup protocol sqlnet 1521
> fixup protocol sip 5060
> no fixup protocol smtp 25
> names
> pager lines 15
> no logging timestamp
> no logging standby
> no logging console
> no logging monitor
> no logging buffered
> no logging trap
> logging facility 20
> logging queue 512
> mtu outside 1500
> mtu inside 1500
> ip address outside 75.103.135.58 255.255.255.248
> ip address inside 10.0.0.2 255.255.255.0
> ip audit info action alarm
> ip audit attack action alarm
> pdm history enable
> arp timeout 14400
> global (outside) 1 75.103.135.62 netmask 255.255.255.248
> nat (inside) 1 0.0.0.0 0.0.0.0 0 0
> route outside 0.0.0.0 0.0.0.0 70.103.135.57 1
> static (inside,outside) 75.103.135.60 10.0.0.248 netmask 255.255.255.255 0 0
> static (inside,outside) 75.103.135.61 10.0.0.244 netmask 255.255.255.255 0 0
> access-list outside_inbound permit icmp any any
> access-list outside_inbound permit tcp any host 75.103.135.60 eq www
> access-list outside_inbound permit tcp any host 75.103.135.60 eq 3389
> access-list outside_inbound permit tcp any host 75.103.135.60 eq smtp
> access-list outside_inbound permit tcp any host 75.103.135.61 eq www
> access-list outside_inbound permit tcp any host 75.103.135.61 eq 3389
> access-list outside_inbound permit tcp any host 75.103.135.61 eq smtp
> access-list outside_inbound permit tcp any host 75.103.135.61 eq 443
> access-group outside_inbound in interface outside
> timeout xlate 3:00:00 conn 1:00:00 half-closed 0:10:00 udp 0:02:00
> timeout rpc 0:10:00 h323 0:05:00
> timeout uauth 0:05:00 absolute
> aaa-server TACACS+ protocol tacacs+
> aaa-server RADIUS protocol radius
> no snmp-server location
> no snmp-server contact
> snmp-server community public
> no snmp-server enable traps
> telnet timeout 15
> terminal width 80
>
> Thanks a lot for any help!