Cisco PIX 515E

PHUNBALL

Does anyone know if the latest version of software (7.2) for the PIX 515E will support VPN hairpinning?
 
Blitzrommel said:
Check out Cisco's white papers on that OS, oughta tell you.

I already checked, that's why I ask. By nature PIX's are not routers so they have not supported this in the past, but according to some folks the latest version of software will perform this function (similar to the VPN3k and ASA). I just wanted to see if anyone has been able to get this to work or knows more about it.
 
You're talking about redirecting VPN traffic out the same interface it came in on?

Yes. The command you're looking for is the 'same-security-traffic permit intra-interface' command. It has been supported on the PIX 515 and 515E since 7.0(1).
 
Excellent, wanted to get some more feedback before I went through all the trouble...

Thanks-
 
No prob. It works great too. You can use an ACL to define who can go back out the interface and what they can connect to on their way back out. Example: a remote VPN site needed to be able to access public addresses over a specific port to control satellite modems, and our policy was "NO split-tunneling. Period." So we were able to use an ACL to allow their traffic back out to the Internet only if it met certain source and destination port requirements. Everything else was proxied through our central proxy. So in effect, they had filtered web access, and access to the satellite modems.
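The setup described in the post above (hairpinning enabled, no split tunneling, and an ACL that lets VPN users back out the outside interface only for a narrow set of ports), written out as an added PIX 7.x configuration example. This is not configuration from the thread's participants; the pool, the proxy address, the port number used for the modem control traffic and the ACL and group-policy names are constructed placeholders.

```cisco
! Let decrypted VPN traffic turn around and leave the interface it arrived on
same-security-traffic permit intra-interface

! Address pool handed to remote-access VPN users (constructed addresses)
ip local pool VPNPOOL 10.10.10.1-10.10.10.254 mask 255.255.255.0

! Policy from the post: no split tunneling, everything rides the tunnel
group-policy REMOTE-GP internal
group-policy REMOTE-GP attributes
 split-tunnel-policy tunnelall

! Hairpinned traffic leaving the outside interface needs a translation
! (PIX 7.x / pre-8.3 NAT syntax)
global (outside) 1 interface
nat (outside) 1 10.10.10.0 255.255.255.0

! By default decrypted IPsec traffic bypasses interface ACLs; turn that off
! so the outside ACL below actually filters the VPN users
no sysopt connection permit-vpn

! What VPN users may reach on their way back out:
!  - the modem control port on any public address (5000 is a placeholder)
!  - web access only through the internal proxy
! Everything else is dropped and logged, which is also the detection hook
access-list HAIRPIN extended permit tcp 10.10.10.0 255.255.255.0 any eq 5000
access-list HAIRPIN extended permit tcp 10.10.10.0 255.255.255.0 host 192.168.1.20 eq 8080
access-list HAIRPIN extended deny ip 10.10.10.0 255.255.255.0 any log
access-group HAIRPIN in interface outside
```

After applying it, `show running-config | include same-security` confirms the hairpin setting is present, and the `log` keyword on the deny line makes any attempt by a VPN user to reach something outside the allowed set show up in syslog. The example assumes the outside interface carries no other inbound ACL; on a box that already has one, the `HAIRPIN` entries have to be merged into it rather than applied alongside it, and the deny-with-log line then belongs at the end of the merged list. An alternative to disabling `sysopt connection permit-vpn` is to attach the same ACL as a `vpn-filter` in the group policy, which filters only the VPN users and leaves the interface ACL for everything else.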
 
You're right, it does work great. Tonight I upgraded the code on this particular PIX to 7.2 and it is doing exactly what I need it to do. After you provided that command I was able to find the information I was looking for on Cisco's site...

Thanks Again!!!
 
Have you used the 7.x code before? If not, I'd HIGHLY recommend that you look over the "Caveats" section of the release notes. I haven't used 7.2, but I remember from previous 7.x versions, I was loading a new "special engineering release" into our PIX and ASA about once a month because they were fixing bugs so quickly.
 
Boscoh said:
Have you used the 7.x code before? If not, I'd HIGHLY recommend that you look over the "Caveats" section of the release notes. I haven't used 7.2, but I remember from previous 7.x versions, I was loading a new "special engineering release" into our PIX and ASA about once a month because they were fixing bugs so quickly.

I have used 7.x on the ASA, just not on the PIX. I may have stumbled upon one of these bugs already. That location was having some problems this AM with SIP signaling from a CallManager Express to a soft switch and it turns out the same-security-traffic... command is what caused the problem although I can't figure out why since none of that traffic traverses a VPN tunnel.

I can see my invite messages being sent to the soft switch, but I only get unauthorized messages in return and never try to acknowledge them with the correct credentials. Strange...
 