配置cisco pix防火墙（配置Cisco PIX防火墙）.doc

配置cisco pix防火墙（配置Cisco PIX防火墙） C. configuration fixup protocol The fixup command function is enabled, prohibits, changes a service or protocol through the PIX Firewall, and the port specified by the fixup command is the service that the PIX Firewall listens for. See the following example: Example 1.Pix525 (config) #fixup protocol FTP 21 Enable the FTP protocol and specify the port number of FTP to be 21 Example 2.Pix525 (config) #fixup Protocol HTTP 80 The Pix525 (config) #fixup Protocol HTTP 1080 specifies 80 and 1080 ports for the HTTP protocol, and the. Example 3.Pix525 (config) #no fixup Protocol SMTP 80 Disable the SMTP protocol. D. settings telnet Telnet has a version change. Prior to the pix OS 5 (version number of the pix operating system), access to pix can only be accessed from the host on the internal network through the telnet. In pix OS 5 and subsequent versions, access from telnet to pix can be enabled on all interfaces. When the external interface to telnet to the PIX Firewall, telnet data need to use IPSec to provide protection, which means that users must be configured to establish a pix to another pix, IPSec router or VPN client. Another is to configure SSH on PIX, then use SSH client from external telnet to PIX firewall, PIX support SSH1 and SSH2, but SSH1 is free software, and SSH2 is commercial software. By contrast, the telnet on the Cisco router is doing poorly. Telnet configuration syntax: telnet local_ip [netmask] local_ip represents the IP address that is authorized to access the pix through the telnet. If this item is not available, the configuration of the pix can only be performed by console. Having said so much, here is an example of configuration for your reference. Welcome, to, the, PIX, firewall Type, help, or , for, a, list, of, available, commands. PIX525 en Password: PIX525#sh config : Saved : PIX Version 6 (1) - PIX, the current operating system version is 6 Nameif Ethernet0 outside security0 Nameif ethernet1, inside, security100