Re: PIX to PIX using IPSec tunnel and websense issues

naeem.shah · ‎02-23-2005

I have a IPSec tunnel running between PIX's 515E (PIX-A) and 506E (PIX-B). The version on the PIX 515E is 6.3(3)and the PIX506E is 6.3(4). The tunnels work perfect but I would like the dhcp client on PIX-B to authenticate for web browsing to my websense server which is running on PIX-A. I have put in the command for I entered the command for on PIX-B as follows:

url-server (inside) vendor websense host 10.X.X.X timeout 5 protocol UDP version 4

filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow

The web traffic seem to be bypass the websense server on PIX-A.

What is the best way to do this?

mchin345 · ‎03-01-2005

management-access inside

no url-server (outside) vendor websense host 10.x.x.x timeout 5 protocol TCP version 1

url-server (inside) vendor websense host 10.x.x.x timeout 5 protocol TCP version 1

sysopt connection permit-ipsec

This will allow the PIX to source its websense requests from the inside interface IP, so the public IP won't need to be known.

naeem.shah · ‎03-10-2005

Thanks

naeem.shah · ‎03-10-2005

Couple of questions?

The command that you posted are to be applied on PixB correct? and what does the management-access inside do?

Sincerely,

Naeem

naeem.shah · ‎03-11-2005

The commands work perfectly for my solution and thank you for the help