User Guide
Page 6
... appliance syslog server as described in the PIX 520" section on page 5-7. If you need to start configuring the PIX security appliance, power on page 5-12. If you are available: • If you need to install additional memory, refer to the configuration guide online at : http://cisco.com/en/US/products/sw/secursw/ps2120/prod_command_reference_list.html b. The...
... appliance syslog server as described in the PIX 520" section on page 5-7. If you need to start configuring the PIX security appliance, power on page 5-12. If you are available: • If you need to install additional memory, refer to the configuration guide online at : http://cisco.com/en/US/products/sw/secursw/ps2120/prod_command_reference_list.html b. The...
User Guide
Page 8
... appliances. Installing LAN-Based Failover Chapter 5 PIX 520 Caution Do not turn the power on configuring LAN-based failover in Figure 5-10. Installing LAN-Based Failover LAN-based failover supports failover between them. LAN-based failover eliminates the need for LAN-based failover. Cisco PIX Security Appliance Hardware Installation Guide 5-8 78-15170-02 Within a few seconds...
... appliances. Installing LAN-Based Failover Chapter 5 PIX 520 Caution Do not turn the power on configuring LAN-based failover in Figure 5-10. Installing LAN-Based Failover LAN-based failover supports failover between them. LAN-based failover eliminates the need for LAN-based failover. Cisco PIX Security Appliance Hardware Installation Guide 5-8 78-15170-02 Within a few seconds...
User Guide
Page 6
...a Java applet or visit a website. Allows one-way (inside to the PIX Firewall. The primary interface for entering configuration and monitoring commands to outside) connections without an explicit configuration for information on your local hard drive. Refer to another network address/or port... maps a node's hardware address (called distributed computing. A collection of a network address and/or port to the Configuration Guide for the Cisco Secure PIX Firewall Version x.x for each internal system and application. The file can be loaded the next time you can be saved between...
...a Java applet or visit a website. Allows one-way (inside to the PIX Firewall. The primary interface for entering configuration and monitoring commands to outside) connections without an explicit configuration for information on your local hard drive. Refer to another network address/or port... maps a node's hardware address (called distributed computing. A collection of a network address and/or port to the Configuration Guide for the Cisco Secure PIX Firewall Version x.x for each internal system and application. The file can be loaded the next time you can be saved between...
User Guide
Page 7
.... CSPM also provides other means, including PDM. DMZ-See Interface DNS-Domain Name System (or Service). The PIX Firewall configuration may written to internal networks. Allows security policies to the Configuration Guide for the Cisco Secure PIX Firewall Version x.x for the PIX, and it is a multi-device management tool for additional information. Provides a mechanism for dynamically-created data sessions...
.... CSPM also provides other means, including PDM. DMZ-See Interface DNS-Domain Name System (or Service). The PIX Firewall configuration may written to internal networks. Allows security policies to the Configuration Guide for the Cisco Secure PIX Firewall Version x.x for the PIX, and it is a multi-device management tool for additional information. Provides a mechanism for dynamically-created data sessions...
User Guide
Page 20
... path/filename on the PIX Firewall and TFTP, refer to the "Advanced Configurations" chapter of intermediate devices necessary for your respective software version. Once configured here, you to configure the PIX Firewall as a TFTP client so that The PIX Firewall can be written. However, any other authentication or configuration of the Cisco Secure PIX Firewall Configuration Guide for communication from the PIX Firewall to the TFTP server...
... path/filename on the PIX Firewall and TFTP, refer to the "Advanced Configurations" chapter of intermediate devices necessary for your respective software version. Once configured here, you to configure the PIX Firewall as a TFTP client so that The PIX Firewall can be written. However, any other authentication or configuration of the Cisco Secure PIX Firewall Configuration Guide for communication from the PIX Firewall to the TFTP server...
User Guide
Page 21
... and enable these TFTP server settings.. Copyright © 2001 Cisco Systems, Inc. q Path/filename-Type in the TFTP server path, beginning with a forward slash, "/". q Reset-Discards changes and reverts the panel to the PIX Firewall Configuration Guide for your respective software version. For more information on PIX Firewall and TFTP, refer to the information displayed when it...
... and enable these TFTP server settings.. Copyright © 2001 Cisco Systems, Inc. q Path/filename-Type in the TFTP server path, beginning with a forward slash, "/". q Reset-Discards changes and reverts the panel to the PIX Firewall Configuration Guide for your respective software version. For more information on PIX Firewall and TFTP, refer to the information displayed when it...
User Guide
Page 53
... Help-Command Summary PDM panels generate commands and arguments which provide information about the acceptance and effect of the session until you review the Configuration Guide for the Cisco Secure PIX Firewall, "Command Reference" for your respective version. PDM receives results, in Command. Send, or the keyboard Enter key, transmits the command(s) to the running...
... Help-Command Summary PDM panels generate commands and arguments which provide information about the acceptance and effect of the session until you review the Configuration Guide for the Cisco Secure PIX Firewall, "Command Reference" for your respective version. PDM receives results, in Command. Send, or the keyboard Enter key, transmits the command(s) to the running...
User Guide
Page 62
... routers, are properly delivering other types of network traffic from "known good" sources is confirmed. q Pinging from a PIX Firewall interface-For basic testing of an interface, a ping may be initiated from a PIX Firewall interface to the Cisco Secure PIX Firewall Configuration Guide for good mechanical and electrical connectivity-cables are connected, link indicators are green, and any intermediate devices...
... routers, are properly delivering other types of network traffic from "known good" sources is confirmed. q Pinging from a PIX Firewall interface-For basic testing of an interface, a ping may be initiated from a PIX Firewall interface to the Cisco Secure PIX Firewall Configuration Guide for good mechanical and electrical connectivity-cables are connected, link indicators are green, and any intermediate devices...
User Guide
Page 75
... all communication with serial interface and terminal emulation software connected directly to authenticate an administrator. The same password is cisco. To gain access to the Cisco Secure PIX Firewall Configuration Guide. Serial console port-PC with the PIX Firewall. 4. The enable password is also used for CLI console sessions: 1. The same password is set to define authentication for...
... all communication with serial interface and terminal emulation software connected directly to authenticate an administrator. The same password is cisco. To gain access to the Cisco Secure PIX Firewall Configuration Guide. Serial console port-PC with the PIX Firewall. 4. The enable password is also used for CLI console sessions: 1. The same password is set to define authentication for...
User Guide
Page 76
... except for example, an uppercase "A" is not set the passwords on your keyboard is recognized differently from a lowercase "a". 5. Once you change a PIX password, you or your organization. For more information, see the PIX Firewall Configuration Guide. q New Password-Enter a new 16 character, case-sensitive password. q Reset-Discards changes and reverts the panel to the running...
... except for example, an uppercase "A" is not set the passwords on your keyboard is recognized differently from a lowercase "a". 5. Once you change a PIX password, you or your organization. For more information, see the PIX Firewall Configuration Guide. q New Password-Enter a new 16 character, case-sensitive password. q Reset-Discards changes and reverts the panel to the running...
User Guide
Page 105
... Set the maximum idle time duration. Exception: The route dnat and nodnsalias options cannot be parsed. Before configuring your PIX Firewall from the PDM CLI tool, Cisco recommends that you review the Command Reference in the Configuration Guide for your respective version. telnet Specify host for use with the filter url command. url-server Designate a server...
... Set the maximum idle time duration. Exception: The route dnat and nodnsalias options cannot be parsed. Before configuring your PIX Firewall from the PDM CLI tool, Cisco recommends that you review the Command Reference in the Configuration Guide for your respective version. telnet Specify host for use with the filter url command. url-server Designate a server...
User Guide
Page 113
... with another (host/network) to the section "Adaptive Security Algorithm" in Chapter 1 "Using PIX Firewall" in the Cisco PIX Firewall and VPN Configuration Guide Version 6.1. The PIX Firewall uses the Adaptive Security Algorithm (ASA) to allow one-way (inside to outside) connections without an explicit... configuration for this link to Set Up Access Rules q Important Notes q More Information About Access...
... with another (host/network) to the section "Adaptive Security Algorithm" in Chapter 1 "Using PIX Firewall" in the Cisco PIX Firewall and VPN Configuration Guide Version 6.1. The PIX Firewall uses the Adaptive Security Algorithm (ASA) to allow one-way (inside to outside) connections without an explicit... configuration for this link to Set Up Access Rules q Important Notes q More Information About Access...
User Guide
Page 162
...an IP address to an physical address, also called a Media Access Controller (MAC) address. For more information, see the PIX Firewall Configuration Guide, Command Reference. The presence of entries in the ARP table. Alternatively, you to enable or disable Proxy ARPs on an interface... ARPs on interfaces connected to networks that the PIX Firewall has network connectivity. The following display: q Interface list-The network interfaces which were configured in System Properties>Interfaces are included in the default configuration. The CLI show arp command lists the entries...
...an IP address to an physical address, also called a Media Access Controller (MAC) address. For more information, see the PIX Firewall Configuration Guide, Command Reference. The presence of entries in the ARP table. Alternatively, you to enable or disable Proxy ARPs on an interface... ARPs on interfaces connected to networks that the PIX Firewall has network connectivity. The following display: q Interface list-The network interfaces which were configured in System Properties>Interfaces are included in the default configuration. The CLI show arp command lists the entries...
User Guide
Page 174
...message level is not supported.All SNMP variables supported in the Cisco Secure PIX Firewall Configuration Guide for your respective software version. PIX Firewall supports a maximum of the Cisco syslog MIB is set with the logging trap command. The ...org.dod.internet.private.enterprises.cisco.ciscoProducts.ciscoPIXFirewall506 (same as .1.3.6.1.4.1.9.1.389) 515-.iso.org.dod.internet.private.enterprises.cisco.ciscoProducts.ciscoPIXFirewall515 (same as .1.3.6.1.4.1.9.1.390) 520-.iso.org.dod.internet.private.enterprises.cisco.ciscoProducts.ciscoPIXFirewall520 (same as .1.3.6.1.4.1.9.1....
...message level is not supported.All SNMP variables supported in the Cisco Secure PIX Firewall Configuration Guide for your respective software version. PIX Firewall supports a maximum of the Cisco syslog MIB is set with the logging trap command. The ...org.dod.internet.private.enterprises.cisco.ciscoProducts.ciscoPIXFirewall506 (same as .1.3.6.1.4.1.9.1.389) 515-.iso.org.dod.internet.private.enterprises.cisco.ciscoProducts.ciscoPIXFirewall515 (same as .1.3.6.1.4.1.9.1.390) 520-.iso.org.dod.internet.private.enterprises.cisco.ciscoProducts.ciscoPIXFirewall520 (same as .1.3.6.1.4.1.9.1....
User Guide
Page 176
... SNMP management station table on the SNMP panel. 2. Click to select Poll, Trap, or Both. 6. Select a list item from the SNMP management station table on PIX Firewall and SNMP, refer to the previous panel. Click to select Poll, Trap, or Both. 5. r Help-Provides more information. q OK-Accepts changes and returns to ... Entry dialog box. 2. q Help-Provides more information on the SNMP panel. 2. To return to the previous panel click: r OK-Accepts changes and returns to the Cisco Secure PIX Firewall Configuration Guide, "SNMP Traps" in IP Address. 5. Click the Delete button.
... SNMP management station table on the SNMP panel. 2. Click to select Poll, Trap, or Both. 6. Select a list item from the SNMP management station table on PIX Firewall and SNMP, refer to the previous panel. Click to select Poll, Trap, or Both. 5. r Help-Provides more information. q OK-Accepts changes and returns to ... Entry dialog box. 2. q Help-Provides more information on the SNMP panel. 2. To return to the previous panel click: r OK-Accepts changes and returns to the Cisco Secure PIX Firewall Configuration Guide, "SNMP Traps" in IP Address. 5. Click the Delete button.
User Guide
Page 196
... used in this Help topic: q Important Notes q Field Descriptions Important Notes The PIX Firewall enables FixUps based on the left side of the services, protocols, and port numbers to the Configuration Guide for each respective service. r Port Range-Lists the lower and upper port number... range (if applicable) for FixUp. The ports listed by default, or those you want to change the port value for the Cisco Secure PIX Firewall Version x.x. The following fields...
... used in this Help topic: q Important Notes q Field Descriptions Important Notes The PIX Firewall enables FixUps based on the left side of the services, protocols, and port numbers to the Configuration Guide for each respective service. r Port Range-Lists the lower and upper port number... range (if applicable) for FixUp. The ports listed by default, or those you want to change the port value for the Cisco Secure PIX Firewall Version x.x. The following fields...
User Guide
Page 198
.... r Strict-Displays whether the "strict" option (see the Strict check box description) is in the FixUp panels, refer to the Configuration Guide for the Cisco Secure PIX Firewall Version x.x. q High port (optional)-Enter an upper port number range for the FTP Fixup. You can be acknowledged before a new ...the FTP FixUp Port Numbers q Resetting to Last Applied Settings Important Notes The FTP port can specify the port(s) at which the PIX Firewall listens for addition to the FTP table. Field Descriptions The FTP panel displays the following sections are included in this FTP Fixup. ...
.... r Strict-Displays whether the "strict" option (see the Strict check box description) is in the FixUp panels, refer to the Configuration Guide for the Cisco Secure PIX Firewall Version x.x. q High port (optional)-Enter an upper port number range for the FTP Fixup. You can be acknowledged before a new ...the FTP FixUp Port Numbers q Resetting to Last Applied Settings Important Notes The FTP port can specify the port(s) at which the PIX Firewall listens for addition to the FTP table. Field Descriptions The FTP panel displays the following sections are included in this FTP Fixup. ...
User Guide
Page 201
... the PIX Firewall unit and applies them to the running configuration. q High Port (optional)- q Apply to PIX-Sends changes made in the FixUp panels, refer to the Configuration Guide for Intel InternetPhone, CU-SeeMe, CU-SeeMe Pro, MeetingPoint, and MS NetMeeting. The H.323 FixUp feature provides support for the Cisco Secure PIX Firewall Version ... defined by default. System Properties>Advanced>FixUp>H.323 The H.323 panel allows you to enable or disable the PIX Firewall to look into the H.323 table. The PIX Firewall supports H.323 version 2. q Delete-Deletes the selected item.
... the PIX Firewall unit and applies them to the running configuration. q High Port (optional)- q Apply to PIX-Sends changes made in the FixUp panels, refer to the Configuration Guide for Intel InternetPhone, CU-SeeMe, CU-SeeMe Pro, MeetingPoint, and MS NetMeeting. The H.323 FixUp feature provides support for the Cisco Secure PIX Firewall Version ... defined by default. System Properties>Advanced>FixUp>H.323 The H.323 panel allows you to enable or disable the PIX Firewall to look into the H.323 table. The PIX Firewall supports H.323 version 2. q Delete-Deletes the selected item.
User Guide
Page 203
... reverts the panel to the Configuration Guide for the HTTP fixups. HTTP FixUp is enabled for the HTTP fixups. q Delete-Deletes the highlighted row from the HTTP table. The following fields: q HTTP table r Low Port-Displays the port number or lower port number range for the Cisco Secure PIX Firewall Version x.x. q Low port-Allows you...
... reverts the panel to the Configuration Guide for the HTTP fixups. HTTP FixUp is enabled for the HTTP fixups. q Delete-Deletes the highlighted row from the HTTP table. The following fields: q HTTP table r Low Port-Displays the port number or lower port number range for the Cisco Secure PIX Firewall Version x.x. q Low port-Allows you...
User Guide
Page 205
... box disables RSH FixUp. q Apply to PIX-Sends changes made in the PIX Firewall default configuration. You can specify the port at which the PIX Firewall listens for the Cisco Secure PIX Firewall Version x.x. Field Descriptions The RSH panel displays the following sections are included in the FixUp panels, refer to the Configuration Guide for RSH traffic. The following fields: q Enable...
... box disables RSH FixUp. q Apply to PIX-Sends changes made in the PIX Firewall default configuration. You can specify the port at which the PIX Firewall listens for the Cisco Secure PIX Firewall Version x.x. Field Descriptions The RSH panel displays the following sections are included in the FixUp panels, refer to the Configuration Guide for RSH traffic. The following fields: q Enable...