Re: firewall

carl_townshend · ‎11-25-2005

How would I enable traffic for both ways on a cisco pix firewall ? basically for http access, I gather this needs to be enabled both ways ?

spremkumar · ‎11-25-2005

Hi

can you revert whether you are trying to host any webservcies in ur local lan and want to give access to that server ?

or simple http access from the local lan ?

on both cases u need to configure NAT which is very much vital.

but in the first case u need to map the server local ip to the public ip with the port numbers in which you are going to host the http service.

also u need to create an access list permitting the outside world to access the server ip on that particular port in which ur hosting the http service..

i think this link will help u out to choose the best case scenario which fits into ur reqirement..

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html

regds

jackko · ‎11-25-2005

assuming you are referring to configuring inbound http access, such as users from internet accessing your webserver.

e.g.

webserver <--> pix <--> www

if my assumption is right, then it depends on the number of public ip you've got.

with one public ip,

static (inside,outside) tcp interface 80 80 netmask 255.255.255.255

access-list inbound permit tcp any interface outside eq 80

access-group inbound in interface outside

with multiple public ips,

static (inside,outside) netmask 255.255.255.255

access-list inbound permit tcp any host eq 80

access-group inbound in interface outside