Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] http ports

To: [email protected]
Subject: Re: [FW-1] http ports
From: Jose Calvillo <[email protected]>
Date: Sat, 11 May 2002 18:54:16 -0600
Importance: Normal
In-reply-to: <013601c1f8a6$f72e70c0$0100a8c0@beexp>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

In PIX world this is not an issue.  The "inside" interface will usually be
assigned a security level of 100 and the "outside" (internet facing)
interface will have a security level of 0.  In PIX world packets from a
higher security leveled interface (inside --> outside) go unrestricted.

So setup a NAT or PAT for your inbound IP's to go to the Internet & you're
about done.  It's a bit more complicated then this of course, but I'd be
happy to help you in any way I can.

The PIX doesn't care what port the traffic is trying to go to.

Of course, you can put an explicit "deny all" statement into the PIX and
then you'd have to allow this traffic to go out to the Internet on a rule by
rule (port by port) basis.

Jose

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]]On Behalf Of BY
Sent: Friday, May 10, 2002 10:47 PM
To: [email protected]
Subject: [FW-1] http ports


Hi all,

Current issue:-
Any remote web sites that are not using HTTP PORT 80, my users behind
the firewall are unable to access those sites because there are using
other ports like 8001; or 2048; , etc.

In few weeks time, we are keen to replace the current Firewall
Checkpoint 4.1 with PIX Firewall 501 I think.

For who are already using PIX firewall, would you be kind enough telling
me any hints to overcome this http port issues?

Thanks very much in advanced.

BY

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

References:
- [FW-1] http ports
  - From: BY <[email protected]>

Prev by Date: [FW-1] Finally but still far from ....
Next by Date: Re: [FW-1] Plz help me immediately....
Previous by thread: [FW-1] http ports
Next by thread: Re: [FW-1] http ports
Index(es):
- Date
- Thread