Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PIX 506E

Status
Not open for further replies.
kudosx

kudosx

Programmer
Joined
Nov 2, 2006
Messages
8
Location
NO
HI,
here is my problem. Today my boss asked me if I could set up, so he could access the webservice I created from outside the company. Well, im not a network guy (at all) but will give it a try! We have a PIX 506E router/firewall, now I have figured out that I want to do some port forwarding. The problem is that I am not able to access cisco PIX 506E at all! I've downloaded their pdf, and it says that I should access from my browser, but I can find it! Any tips would be nice!
Sorry about the totally newbie question!

-kudosx
 
Sort by date Sort by votes
...i'm always mistaken..but i dont think you can access that damn thing by web browser out of the box..
...but i have found doucmentation to make you think you could...

....well go ahead and hook up to the console port of that pix..

...make sure the webservice is turned out..(???) might be on router only and not pix..

..i know you will have to specify and ip address or subnet that access this thing in PDM (web broswer)

...if somebody doesnt come up with more concise answer i will fire up pix and let you know for sure...

..the below link describes some aspects of it..
..but i think the major is the pdm ip address designation..



CCNP,CCSP,MCSE,Sec+,Net+,A+...
 
Upvote 0 Downvote
Hey, thanks for the answer. I will check it out. But I feel I can easily mess things up, so I wonder. Is it possible to add a router/swirch close to the plug where our internet connection comes from, let one cable go to the PIX and the other one going to a unprotected computer (with my webservice stuff). And with that solving all my problems?
-kudosx
 
Upvote 0 Downvote
i dont understand topology..


...what other cable are you talking about..
..isnt there only one connection comming in from the internet?
..i invisioned this to be one cable comming in from the www
going to pix going to internal lan..
...and also to confuse you more..the pix 506 has sometype of vlan optioning for dmz to put that server in..
...what are ya'll doing with that web server? just webpages?

kudosx, to get this thing up and working your going to have to open port 80 and static map port 80 to the internal webserver ..your going to get dirty

..you wont necesarily mess things up, just look..
..befor you config, you can back up the pix config...you can have it back right in about 3 minutes if you *f* something up...but it doesnt hurt to look..and besides, looks like boss expects it :-) YES!

CCNP,CCSP,MCSE,Sec+,Net+,A+...
 
Upvote 0 Downvote
Thanks for the fast reply,
yeah, do be a bit more detailed, the network topology looks something like this

hub <--> pix506e <--> switch <--> wlan

my idea is the following:

switch <--> hub <--> pix506e <--> switch <-->wlan
|
v
webserver


Just webpages, I am afraid not, this is an servlet thing, communicating with SOAP messages (its the backend of an ajax based app). But it should only be there for demo purposes..

Yeah, I can back it up....but, remeber this is the net everybody in the company uses, so it won't be really popular if I f* it up. But isn't alternative 2 a possiblity?

-kudosx
 
Upvote 0 Downvote
ok..great topo...

..ok..its not just a webserver...

please somebody correct because i'm tired....
...i dont think that will work. you will need two public ip's, a router or routable switch..

how is that connection comming in from the internet? cable?







CCNP,CCSP,MCSE,Sec+,Net+,A+...
 
Upvote 0 Downvote
..i mean let me clarify..

..is it cable modem...what is attached to isp right now.

CCNP,CCSP,MCSE,Sec+,Net+,A+...
 
Upvote 0 Downvote
Hi!

No, the only thing between the hub and a SDSL Network extender.
 
Upvote 0 Downvote
ok..
..so is this sdsl extender like a dsl modem?
...do you only have one ip address?
...if yes, that hub cannot route, do you have an extra router (something like a 2600)?

..do you have your console cable out yet? lol!

CCNP,CCSP,MCSE,Sec+,Net+,A+...
 
Upvote 0 Downvote
yes, its a DSL modem, and yes I only have one ip address, and no I do not have an extra router! Damn...yeah, then its pretty obvious that my approach won't work :(

But how hard can it be to configure the PIX506E to not block a certain port??

-kudosx
 
Upvote 0 Downvote
..not hard...
...what you can do...is console into the pix
...copy the config to text file..
....change ip info, domain name..and x-out the password info (included the crypted)
...and paste in here..
..lots of people here to guide you...

..also keep in mind this is not the "pix section"
..below is...
...but still people here know pix..




CCNP,CCSP,MCSE,Sec+,Net+,A+...
 
Upvote 0 Downvote
Hi! The problem is that I haven't been able to figure out how to "log into" the PIX? It should be possible to telnet to it, and configure it from there?

-kudosx
 
Upvote 0 Downvote
hi, thanks for the reply again...
The problem isn't there, I wonder...(and this might be a very stupid question)..what ip address should I telnet/ssh to? (or is there any way to find it..)

-kudosx
 
Upvote 0 Downvote
..i would plug into the "inside Lan" side of the pix.
..pull ip address with dhcp, telnet/ssh to gateway ip address

...why havent you used the d%$# console cable yet!!!????

..good luck, let us know how it goes!

 
Upvote 0 Downvote
just to get everything clear, I have to remove a cable from the pix, and plug my computers cable into it?
 
Upvote 0 Downvote
....isnt there like two ethernet ports on that pix..
....and you have your internal lan port plugged into the switch..
...and client computers are plugged into that switch..

...so you can pull one of the clients on the lan side and try to telnet..which i think you already done..

..or use the blue console cable ..check link below for pic of console cable/port


..use standard console/buad settings..




 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

brownmab53
  • Locked
  • Question Question
Cisco PIX 525 is not allowing DHCP address to be applied to router
Replies
1
Views
306
iggsterman
iggsterman
hall5942
  • Locked
  • Question Question
Site to Site VPN with Cisco 881 and PIX
Replies
0
Views
198
hall5942
hall5942
levelistic
  • Locked
  • Question Question
Cisco Pix 506e Firewall/Router
Replies
2
Views
173
burtsbees
burtsbees
kmolloy
  • Locked
  • Question Question
PIX 506e DMZtoInside Configuration Issue
Replies
1
Views
67
kmolloy
kmolloy
imbadatthis
  • Locked
  • Question Question
PIX question
Replies
1
Views
164
njjimbo
njjimbo

Part and Inventory Search

Sponsor

Back
Top