Hi all
I am not a cisco gr8, so I need some help I have a 501 unit at home I configured using he wizard. I would like to open port 4125 for SBS RWW, I am afaid to screw things up. Here is the config as saved from the pix. How do I do this and reload with the new config?
Building configuration... : Saved : PIX Version 6.3(5) interface ethernet0 auto interface ethernet1 100full nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password SCqvwtzcGzhJS2ll encrypted passwd SCqvwtzcGzhJS2ll encrypted hostname FW-Pix501 domain-name homeco-inside.com fixup protocol dns maximum-length 512 fixup protocol ftp 21 fixup protocol h323 h225 1720 fixup protocol h323 ras 1718-1719 fixup protocol http 80 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol sip 5060 fixup protocol sip udp 5060 fixup protocol skinny 2000 no fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol tftp 69 names access-list nonat permit ip 192.168.50.0 255.255.255.0 192.168.51.0
255.255.255.0 access-list stunnel permit ip 192.168.50.0 255.255.255.0 192.168.51.0 255.255.255.0 access-list 101 permit tcp any host xx.xx.xxx.163 eq smtp access-list 101 permit tcp any host xx.xx.xxx.163 eq pop3 access-list 101 permit tcp any host xx.xx.xxx.163 eq www pager lines 24 mtu outside 1500 mtu inside 1500 ip address outside xx.xx.xxx.162 255.255.255.0 ip address inside 192.168.50.1 255.255.255.0 ip audit info action alarm ip audit attack action alarm ip local pool vpnpool 192.168.51.100-192.168.51.150 mask 255.255.255.0 pdm location 192.168.50.0 255.255.255.0 inside pdm location 192.168.51.0 255.255.255.0 inside pdm location 192.168.50.0 255.255.255.255 inside pdm location 192.168.50.2 255.255.255.255 inside pdm logging informational 100 pdm history enable arp timeout 900 global (outside) 1 xx.xx.xxx.164-xx.xx.xxx.165 netmask 255.255.255.0 global (outside) 1 xx.xx.xxx.166 nat (inside) 0 access-list nonat nat (inside) 1 192.168.50.0 255.255.255.0 0 0 static (inside,outside) xx.xx.xxx.163 192.168.50.2 netmask 255.255.255.255 0 0 access-group 101 in interface outside route outside 0.0.0.0 0.0.0.0 xx.xx.xxx.1 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00 timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout sip-disconnect 0:02:00 sip-invite 0:03:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server TACACS+ max-failed-attempts 3 aaa-server TACACS+ deadtime 10 aaa-server RADIUS protocol radius aaa-server RADIUS max-failed-attempts 3 aaa-server RADIUS deadtime 10 aaa-server LOCAL protocol local http server enable http 192.168.50.0 255.255.255.255 inside http 192.168.50.0 255.255.255.0 inside http 192.168.51.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server community public no snmp-server enable traps floodguard enable sysopt connection permit-ipsec crypto ipsec transform-set tset esp-aes-256 esp-md5-hmac crypto dynamic-map dynmap 10 set transform-set tset crypto map staticmap 10 ipsec-isakmp dynamic dynmap crypto map staticmap interface outside isakmp enable outside isakmp nat-traversal 20 isakmp policy 10 authentication pre-share isakmp policy 10 encryption aes isakmp policy 10 hash md5 isakmp policy 10 group 2 isakmp policy 10 lifetime 86400 vpngroup LC-Vpn address-pool vpnpool vpngroup LC-Vpn split-tunnel stunnel vpngroup LC-Vpn idle-time 84600 vpngroup LC-Vpn password ******** telnet 192.168.50.0 255.255.255.0 inside telnet 192.168.51.0 255.255.255.0 inside telnet timeout 5 ssh 192.168.50.0 255.255.255.0 inside ssh 192.168.51.0 255.255.255.0 inside ssh timeout 5 management-access inside console timeout 0 terminal width 80 Cryptochecksum:d3e7ba389c67a926a81e37cf936b2ba3 : end [OK]