[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] http ports
In PIX world this is not an issue. The "inside" interface will usually be assigned a security level of 100 and the "outside" (internet facing) interface will have a security level of 0. In PIX world packets from a higher security leveled interface (inside --> outside) go unrestricted. So setup a NAT or PAT for your inbound IP's to go to the Internet & you're about done. It's a bit more complicated then this of course, but I'd be happy to help you in any way I can. The PIX doesn't care what port the traffic is trying to go to. Of course, you can put an explicit "deny all" statement into the PIX and then you'd have to allow this traffic to go out to the Internet on a rule by rule (port by port) basis. Jose -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[email protected]]On Behalf Of BY Sent: Friday, May 10, 2002 10:47 PM To: [email protected] Subject: [FW-1] http ports Hi all, Current issue:- Any remote web sites that are not using HTTP PORT 80, my users behind the firewall are unable to access those sites because there are using other ports like 8001; or 2048; , etc. In few weeks time, we are keen to replace the current Firewall Checkpoint 4.1 with PIX Firewall 501 I think. For who are already using PIX firewall, would you be kind enough telling me any hints to overcome this http port issues? Thanks very much in advanced. BY ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|