Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
959
Views
0
Helpful
1
Replies

What Does FIXUP PROTOCOL Do?

dave_j_walsh
Level 1
Level 1

‎02-12-2001 07:46 AM - edited ‎03-08-2019 07:59 PM

What's the point of the FIXUP statement? Is this the protocols allowed through the PIX? I have the default ones in place, but I can still TELNET through. Why?

Also:

The reason I'm asking is that I need to do an ANY rule (Check Point termingology) that will permit ANY protocol/port from the inside. If I have to specifiy every protocol/port, using the FIXUP directive, I'll be there forever. How do I do an ANY protocol/port source rule?

TIA

Dave

Labels:
0 Helpful
1 Reply 1

wdrootz
Level 4
Level 4

‎02-19-2001 07:10 AM

In your situation telnet should work fine without fixup protocols at all. What version of PIX code do you use? I bet your probably running into a bug on an ED code version.

Fixup is handling for special protocols like FTP which requires two ports, SMTP which toggles the mail security feature, etc. Check out the description in the command reference for details:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v53/config/commands.htm#xtocid223322. The PIX by default is everything out, nothing in. All protocols and ports are allowed except icmp. All you have to do is configure NAT (or no-NAT) to get through the thing.

0 Helpful
Customers Also Viewed These Support Documents