Alow one External Webserver access inside

I am testing our new webserver that will replace our existing one - I have assigned it a public IP - I want to create a rule on the PIX 506 to allow any traffic from that webserver inside.

Would I simply enter our existing config and on the command line enter

access-list out_in permit tcp any host eq any

and thats it ?? would I need to enter this as well

access-group out_in in interface outside

Reply to
Paul
Loading thread data ...

I'd suggest limiting the tcp ports to those actually needed :

access-list out_in permit tcp any host eq 80 access-list out_in permit tcp any host eq 443 etc.

Yes you'd need to apply the access-list 'inward' to the outside interface but if this is an existing config I would have assumed it's already been applied.

BernieM

Reply to
BernieM

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.