Cisco Systems Re: Cisco PIX 515 configuration help

Subject Author Date
Re: Cisco PIX 515 configuration help Artie Lange 07-25-08
Posted by Artie Lange on July 25, 2008, 3:45 pm
sintral wrote:

The below statements are what you have in place


> conduit permit tcp host 68.16.146.91 eq www any
> conduit permit tcp host 68.16.146.91 eq 444 any
> conduit permit tcp host 68.16.146.91 eq 81 any
> conduit permit tcp host 68.16.146.91 eq https any
> conduit permit tcp host 68.16.146.91 eq ssh any
> conduit permit tcp host 68.16.146.91 eq telnet any
> conduit permit tcp host 68.16.146.91 eq ftp any
> conduit permit tcp host 68.16.146.91 eq smtp any
> conduit permit tcp host 68.16.146.91 eq pop3 any
> conduit permit tcp host 68.16.146.91 eq 32000 any


You already have POP access:

+OK mail.fergusoncopeland.com IceWarp 9.1.0 POP3 Fri, 25 Jul 2008
15:41:35 -04

and ftp

U:\>ftp
ftp> open
To 68.16.146.91
Connected to 68.16.146.91.
530 Connection refused, unknown IP address.
User (68.16.146.91:(none)):


To get IMAP add:

conduit permit tcp host 68.16.146.91 eq 143 any

> 3. Very soon our website is going to be outsourced. I assume this will
> mean two changes on our part: change the DNS entry to point to the
> third party hosting server and remove the firewall entry that routes
> traffic to 10.6.18.179.


No, you only want to remove the conduit entries that equal http/https
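
As an added example (not part of the original post and not Cisco tooling): a small Python parser for the conduit lines quoted above that lists the exposed ports and produces the `no` form of only the http/https entries, as advised for the website move. The port-name table and the function names are assumptions of this example and cover only the keywords used in this thread.

```python
import re

# Assumed name-to-port table: only the keywords used in this thread.
PIX_PORT_NAMES = {"www": 80, "https": 443, "ssh": 22, "telnet": 23,
                  "ftp": 21, "smtp": 25, "pop3": 110}

# conduit permit <proto> host <global_ip> eq <port> <foreign>
CONDUIT_RE = re.compile(
    r"^conduit\s+permit\s+(tcp|udp)\s+host\s+(\S+)\s+eq\s+(\S+)\s+(\S.*)$")

# Conduit list as quoted in the post, plus the suggested IMAP entry.
CONFIG = """\
conduit permit tcp host 68.16.146.91 eq www any
conduit permit tcp host 68.16.146.91 eq 444 any
conduit permit tcp host 68.16.146.91 eq 81 any
conduit permit tcp host 68.16.146.91 eq https any
conduit permit tcp host 68.16.146.91 eq ssh any
conduit permit tcp host 68.16.146.91 eq telnet any
conduit permit tcp host 68.16.146.91 eq ftp any
conduit permit tcp host 68.16.146.91 eq smtp any
conduit permit tcp host 68.16.146.91 eq pop3 any
conduit permit tcp host 68.16.146.91 eq 32000 any
conduit permit tcp host 68.16.146.91 eq 143 any
"""

def parse_conduits(text):
    """Return one dict per 'conduit permit ... eq <port> ...' line."""
    entries = []
    for raw in text.splitlines():
        line = " ".join(raw.split())          # normalise whitespace
        m = CONDUIT_RE.match(line)
        if not m:
            continue                          # not a conduit permit line
        proto, host, token, foreign = m.groups()
        if token.isdigit():
            port = int(token)
        elif token.lower() in PIX_PORT_NAMES:
            port = PIX_PORT_NAMES[token.lower()]
        else:
            raise ValueError(f"unknown port keyword {token!r} in: {line}")
        entries.append({"line": line, "proto": proto, "host": host,
                        "port": port, "foreign": foreign})
    return entries

def removal_commands(entries, ports=(80, 443)):
    """'no' form of each conduit whose port is in `ports` (http/https)."""
    return ["no " + e["line"] for e in entries if e["port"] in ports]

if __name__ == "__main__":
    conduits = parse_conduits(CONFIG)
    print("exposed:", sorted(e["port"] for e in conduits))
    print("\n".join(removal_commands(conduits)))
```

The entries for ports 81 and 444 are left in place, since only the `www` and `https` conduits match the advice.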





Posted by sintral on July 25, 2008, 4:19 pm
> sintral wrote:
>
> The below statements are what you have in place
>
> > conduit permit tcp host 68.16.146.91 eq www any
> > conduit permit tcp host 68.16.146.91 eq 444 any
> > conduit permit tcp host 68.16.146.91 eq 81 any
> > conduit permit tcp host 68.16.146.91 eq https any
> > conduit permit tcp host 68.16.146.91 eq ssh any
> > conduit permit tcp host 68.16.146.91 eq telnet any
> > conduit permit tcp host 68.16.146.91 eq ftp any
> > conduit permit tcp host 68.16.146.91 eq smtp any
> > conduit permit tcp host 68.16.146.91 eq pop3 any
> > conduit permit tcp host 68.16.146.91 eq 32000 any
>
> You already have POP access:
>
> +OK mail.fergusoncopeland.com IceWarp 9.1.0 POP3 Fri, 25 Jul 2008
> 15:41:35 -04
>
> and ftp
>
> U:\>ftp
> ftp> open
> To 68.16.146.91
> Connected to 68.16.146.91.
> 530 Connection refused, unknown IP address.
> User (68.16.146.91:(none)):
>
> To get IMAP add:
>
> conduit permit tcp host 68.16.146.91 eq 143 any
>
> > 3. Very soon our website is going to be outsourced. I assume this will
> > mean two changes on our part: change the DNS entry to point to the
> > third party hosting server and remove the firewall entry that routes
> > traffic to 10.6.18.179.
>
> No, you only want to remove the conduit entries that equal http/https

With FTP, I'm getting the same error message that you do:
ftp 68.16.146.91
Connected to 68.16.146.91.
530 Connection refused, unknown IP address.

I've added port 22, (though I think SSH was already enabled) and I get
this message when trying to connect from outside the office:
ssh: connect to host 68.16.146.91 port 22: Connection refused

I haven't tried IMAP connections yet since adding the entry suggested
above, but telnet (which has a conduit entry) is also giving an error:
telnet: Unable to connect to remote host: Connection refused

Thanks,
Paul

Posted by Artie Lange on July 25, 2008, 4:27 pm
sintral wrote:

>
> With FTP, I'm getting the same error message that you do:
> ftp 68.16.146.91
> Connected to 68.16.146.91.
> 530 Connection refused, unknown IP address.

Sounds to me like you have an IP access list set up on the FTP server; you are
listening on that port and it is being published through your firewall

>
> I've added port 22, (though I think SSH was already enabled) and I get
> this message when trying to connect from outside the office:
> ssh: connect to host 68.16.146.91 port 22: Connection refused

Can you tell me what SSH server you use and what SSH protocol is being
used? Version of SSH?

>
> I haven't tried IMAP connections yet since adding the entry suggested
> above, but telnet (which has a conduit entry) is also giving an error:
> telnet: Unable to connect to remote host: Connection refused

Is telnet running on the server?

>
> Thanks,
> Paul

Posted by sintral on July 25, 2008, 4:38 pm
> sintral wrote:
>
> > With FTP, I'm getting the same error message that you do:
> > ftp 68.16.146.91
> > Connected to 68.16.146.91.
> > 530 Connection refused, unknown IP address.
>
> Sounds to me like you have an IP access list set up on the FTP server; you are
> listening on that port and it is being published through your firewall
>
>
>
> > I've added port 22, (though I think SSH was already enabled) and I get
> > this message when trying to connect from outside the office:
> > ssh: connect to host 68.16.146.91 port 22: Connection refused
>
> Can you tell me what SSH server you use and what SSH protocol is being
> used? Version of SSH?
>
>
>
> > I haven't tried IMAP connections yet since adding the entry suggested
> > above, but telnet (which has a conduit entry) is also giving an error:
> > telnet: Unable to connect to remote host: Connection refused
>
> Is telnet running on the server?
>
>
>
> > Thanks,
> > Paul

I'm using ProFTP on 10.6.18.10. To my knowledge I don't have an access
restriction list in place. It is pretty much set up with default
options. I know it is off topic, but do you know how to check and see
if an access list is in use?

I'm using OpenSSH_4.7 on that same machine.

Posted by Artie Lange on July 25, 2008, 4:27 pm
sintral wrote:

>
> I haven't tried IMAP connections yet since adding the entry suggested
> above, but telnet (which has a conduit entry) is also giving an error:
> telnet: Unable to connect to remote host: Connection refused
>
> Thanks,
> Paul

IMAP is working
