Gerald,
I don't have much knowledge about this PIX. I got this box this weekend from ebay.
so I am so excited about this stuff. on the other hand, I am so stressed about this. since I spent $350.00 for this.
Don't assume that I know anything about PIX. I'm just learning about this. What does that mean?
"allow inbound mail, web, DNS, FTP, and RADIUS connections, and bone just about everything else, including the PATed replies coming back in to .5? "
First, do I need to set up Server for authenticaion. I assume that windows 2003 server will authenticate the network access since windows 2003 server has a user name and password, Right?
If I need to set up server for authentication, what would that be? any CD required? while I was researching the web all day, I found that there was a comment like "Installing CiscoSecure ACS for Windows 2000/NT" Does it really need for creating VPN access from outside to inside network.
All I want is that I would like to have access this server from outside using Cisco PIX 501 VPN. If you add something, it would be really helpful.
Thanks!
Gerald Combs [email protected] wrote: Joseph Shepherd wrote:
--> Router -> Cisco PIX 501 -> Windows 2003 Standard ( 192.168.1.3) -> Windows XP (192.168.1.5) Two computer is connected directly to PIX 501.
only 192.168.1.3 can access to internet outside. not 192.168.1.5.
I'm a little rusty on the PIX, but don't access lists have an implicit "deny" at the end? If so, wouldn't
access-list outside_access_in permit tcp any host 67.53.24.194 eq smtp access-list outside_access_in permit tcp any host 67.53.24.194 eq www access-list outside_access_in permit tcp any host 67.53.24.194 eq domain access-list outside_access_in permit tcp any host 67.53.24.194 eq ftp access-list outside_access_in permit tcp any host 67.53.24.194 eq 1812 access-list outside_access_in permit tcp any host 67.53.24.194 eq 1813 access-list outside_access_in permit udp any any eq domain
[ implied: deny ip any any ]
in conjunction with
access-group outside_access_in in interface outside
allow inbound mail, web, DNS, FTP, and RADIUS connections, and bone just about everything else, including the PATed replies coming back in to .5? _______________________________________________ Kclug mailing list [email protected] http://kclug.org/mailman/listinfo/kclug
Joseph Sheperd [email protected] I like the dreams of the future better than the history of the past. --Thomas Jefferson
--------------------------------- Do you Yahoo!? Yahoo! Mail - You care about security. So do we.