
how to configure pix to let IDS traffic go through

xwang2
Level 1

Need a configuration sample on pix to let IDS traffic go through the pix. The director is inside a pix firewall and the sensor is outside the pix.

2 Replies

skeetin44
Level 1

Hello,

It sounds like you are trying to pass Cisco PostOffice protocol. If this is true, you would build your access-lists to permit udp 45000 between the two hosts.

192.168.1.1 is director.

172.16.1.1 is the c&c interface of the IDS.

inside is the name of the inside interface (where director is located)

outside is the name of the outside interface (the same interface on the pix where the c&c interface is located)

access-list inside_acl permit udp host 192.168.1.1 eq 45000 host 172.16.1.1 eq 45000

access-list outside_acl permit udp host 172.16.1.1 eq 45000 host 192.168.1.1 eq 45000

access-group inside_acl in interface inside

access-group outside_acl in interface outside

If this is for a production network, you may want to contact TAC to make sure this is the best deployment. You would normally not want to put the command and control interface on the outside interface of your pix without some encryption. Encryption features are available that can be used for remote deployment of a director and an IDS sensor. If you decide to use encryption, then the access-lists above will be useless.

Hope this helps....
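Added example (not from the thread or from Cisco): a small Python model of first-match PIX ACL evaluation that parses the access-list and access-group lines above and confirms that only the director/sensor UDP 45000 flows pass while any other traffic falls to the implicit deny. It ignores NAT and the PIX's stateful handling of return traffic; the probe address 203.0.113.9 and the TCP 22 probe are constructed.

```python
import re
# The two access-lists and their bindings from the reply above (PIX syntax; NAT is not modelled).
PIX_CONFIG = """
access-list inside_acl permit udp host 192.168.1.1 eq 45000 host 172.16.1.1 eq 45000
access-list outside_acl permit udp host 172.16.1.1 eq 45000 host 192.168.1.1 eq 45000
access-group inside_acl in interface inside
access-group outside_acl in interface outside
"""

ACE_RE = re.compile(
    r"access-list (?P<acl>\S+) (?P<action>permit|deny) (?P<proto>\S+) "
    r"(?P<src>host \S+|any)(?: eq (?P<sport>\d+))? "
    r"(?P<dst>host \S+|any)(?: eq (?P<dport>\d+))?$")
GROUP_RE = re.compile(r"access-group (?P<acl>\S+) in interface (?P<iface>\S+)$")

def _endpoint(addr, port):
    """'host 1.2.3.4' -> '1.2.3.4', 'any' stays 'any'; a missing 'eq' port becomes None."""
    return (addr[5:] if addr.startswith("host ") else addr), (int(port) if port else None)

def parse_pix(config):
    """Map each interface to the ACEs of the ACL that access-group binds inbound on it."""
    acls, bindings = {}, {}
    for line in config.strip().splitlines():
        if m := ACE_RE.match(line.strip()):
            acls.setdefault(m["acl"], []).append(
                (m["action"], m["proto"], *_endpoint(m["src"], m["sport"]), *_endpoint(m["dst"], m["dport"])))
        elif m := GROUP_RE.match(line.strip()):
            bindings[m["iface"]] = m["acl"]
    return {iface: acls.get(acl, []) for iface, acl in bindings.items()}

def inbound_allowed(policy, iface, proto, src, sport, dst, dport):
    """First matching ACE decides; 'any' and a missing port are wildcards; no match hits the PIX implicit deny."""
    for action, aproto, asrc, asport, adst, adport in policy.get(iface, []):
        if (aproto in ("ip", proto) and asrc in ("any", src) and asport in (None, sport)
                and adst in ("any", dst) and adport in (None, dport)):
            return action == "permit"
    return False

def audit(config=PIX_CONFIG):
    """Check the two PostOffice flows the reply intends and two flows it must not open."""
    policy = parse_pix(config)
    director, sensor = "192.168.1.1", "172.16.1.1"
    return {
        "director_to_sensor": inbound_allowed(policy, "inside", "udp", director, 45000, sensor, 45000),
        "sensor_to_director": inbound_allowed(policy, "outside", "udp", sensor, 45000, director, 45000),
        # same two hosts but TCP 22: nothing matches, so the implicit deny applies (constructed probe)
        "sensor_ssh_to_director": inbound_allowed(policy, "outside", "tcp", sensor, 40000, director, 22),
        # another outside host (constructed address) sending UDP 45000 is also denied
        "other_host_to_director": inbound_allowed(policy, "outside", "udp", "203.0.113.9", 45000, director, 45000),
    }
```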

Many thanks, it works.
