Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more ➡
Download
Standard view
Full view
of .
Add note
Save to My Library
Sync to mobile
Look up keyword
Like this
45Activity
×
0 of .
Results for:
No results containing your search query
P. 1
PIX Firewall Labs

PIX Firewall Labs

Ratings: (0)|Views: 2,657|Likes:
Published by Mathivanan

More info:

Published by: Mathivanan on Feb 03, 2010
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, DOC, TXT or read online from Scribd
See More
See less

07/24/2013

pdf

text

original

 
PIXLAB - 1
Basic Firewall configurations (Configure ip address and change security levels)PIX(Config)# interface Ethernet0 autoPIX(Config)# interface Ethernet1 autoPIX(Config)# ip address inside 192.168.0.254 255.255.255.0PIX(Config)# ip address outside 10.1.1.1 255.0.0.0PIX(Config)# nameif ehternet0 Outside security50PIX(Config)# nameif ehternet1 Inside security90
LAB - 2
Manage inside to outside and outside to inside access on Firewall(Telnet, FTP, HTTP from inside to outside without translation )PIX(config)# nat 0 0 0 (Telnet, FTP, HTTP from inside to outside with translation )
 
PIX(config)# nat 1 192.168.0.0 255.255.255.0PIX(config)# global 1 16.1.1.1-16.1.1.10Ping inside to outside router fail bkz routing table of outside router is incompleteAdd static router on outside routerOutside(config)# ip route 16.0.0.0 255.0.0.0 10.1.1.1
LAB - 3(Outside to inside Access)
PIX(config)# static 16.1.1.1 192.168.0.253PIX(config)# conduite permit ip any any
LAB - 4(Port Address Translation)
PIX(config)# nat 1 192.168.0.0 255.255.255.0PIX(config)# global 1 16.1.1.1
LAB - 5(Policy NAT)
PIX(config)# access-list 101 permit tcp any host 10.1.1.2 eq 23PIX(config)# access-list 102 permit tcp any host 10.1.1.2 eq 80PIX(config)# access-list 103 permit tcp any host 10.1.1.2 eq 21PIX(config)# nat 1 access-list 101PIX(config)# nat 2 access-list 102PIX(config)# nat 3 access-list 103PIX(config)# global 1 16.1.1.1PIX(config)# global 2 17.1.1.1PIX(config)# global 3 18.1.1.1
(Port Redirection)LAB - 6
(Change Telnet Server port from 23 to 2323)PIX(config)# static tcp 16.1.1.1 23 192.168.0.253 2323PIX(config)# access-list 101 permit tcp any host 16.1.1.1 eq 23PIX(config)# access-group 101 in interface outside 
LAB - 7(NTP Server)
 
Router(config)# clock set 09:00 12 mar 2006Router(config)# ntp masterRouter(config)# ntp authenticateRouter(config)# ntp authentication-key 1234 md5 ciscoRouter(config)# ntp trusted-key 1234PIX(config)# ntp authentication-key 1234 md5 ciscoPIX(config)# ntp authenticatePIX(config)# ntp trusted-key 1234PIX(config)# ntp server 192.168.0.10 source inside preferPIX(config)# show ntp statusPIX(config)# show ntp association
LAB - 8(PIX as DHCP Server)
PIX(config)# dhcpd address 192.168.0.10-192.168.0.50 insidePIX(config)# dhcpd enable inside(To obtain ip address form DHCP Server on Client)On Command promptC:\> ipconfig / renewC:\> ipconfig / release
LAB - 9(Syslog Server)
PIX(config)# logging onPIX(config)# logging host inside 192.168.0.253PIX(config)# logging trap level 7
LAB - 10( IDS on PIX Firewall )
PIX(config)# logging on

Activity (45)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
mohanbabu116 liked this
Mohammed Omer liked this
kamleg liked this
Lotus Perfaction liked this
Lotus Perfaction liked this
Lotus Perfaction liked this
mimi2010hehe liked this
Jun Marquez liked this

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->