[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: PIX DMZ questions

To: 'Rob Serfozo' <rserfozo@kscfcu.org>, Firewalls LIST <firewalls@Lists.GNAC.NET>
Subject: RE: PIX DMZ questions
From: Ben Tyson-Norrman <btyson-norrman@twowaytv.co.uk>
Date: Wed, 12 Jul 2000 18:36:01 +0100

    [ The following text is in the "iso-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

I think the asnwer is conduit permit tcp host 223.100.200.1 and then your
dmz server's IP address -rather than any....

I'm sure there's a better answer though....

Ben

-----Original Message-----
From: Rob Serfozo [mailto:rserfozo@kscfcu.org]
Sent: Wednesday, July 12, 2000 6:23 PM
To: Firewalls LIST
Subject: PIX DMZ questions


We have a webserver set up on dmz and a server on the inside.  The dmz
server needs to pass data to the inside server.  I have set up the following
statements in our Pix config.

static (inside,dmz1) 192.168.1.2 223.100.200.1 netmask 255.255.255.255 0 0

conduit permit tcp host 192.168.1.2 any

The firewall seems to be working well.  You can access the internet from
both the inside and dmz.  Any advice.

Thanks,
Rob

-
[To unsubscribe, send mail to majordomo@lists.gnac.net with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to majordomo@lists.gnac.net with
"unsubscribe firewalls" in the body of the message.]

Prev by Date: PIX DMZ questions
Next by Date: Re: weird (not queer) traffic
Prev by thread: PIX DMZ questions
Next by thread: RE: PIX DMZ questions
Index(es):
- Date
- Thread