02-23-2005 08:19 PM - edited 02-21-2020 01:37 PM
I have a IPSec tunnel running between PIX's 515E (PIX-A) and 506E (PIX-B). The version on the PIX 515E is 6.3(3)and the PIX506E is 6.3(4). The tunnels work perfect but I would like the dhcp client on PIX-B to authenticate for web browsing to my websense server which is running on PIX-A. I have put in the command for I entered the command for on PIX-B as follows:
url-server (inside) vendor websense host 10.X.X.X timeout 5 protocol UDP version 4
filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow
The web traffic seem to be bypass the websense server on PIX-A.
What is the best way to do this?
03-01-2005 04:17 PM
management-access inside
no url-server (outside) vendor websense host 10.x.x.x timeout 5 protocol TCP version 1
url-server (inside) vendor websense host 10.x.x.x timeout 5 protocol TCP version 1
sysopt connection permit-ipsec
This will allow the PIX to source its websense requests from the inside interface IP, so the public IP won't need to be known.
03-10-2005 03:28 PM
Thanks
03-10-2005 03:46 PM
Couple of questions?
The command that you posted are to be applied on PixB correct? and what does the management-access inside do?
Sincerely,
Naeem
03-11-2005 08:46 AM
The commands work perfectly for my solution and thank you for the help
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide