KEMBAR78
Pix Config | PDF | Radius | Computer Standards
0% found this document useful (0 votes)
182 views7 pages

Pix Config

This document contains the configuration of a Cisco PIX firewall device. It defines settings such as interface configurations, access control lists, network address translations, and other security policies. The configuration identifies two interfaces - an outside interface connected to the internet and an inside interface connected to a local network. It also defines objects for local and external network addresses and allows traffic from local networks to external destinations defined in an access list.

Uploaded by

ignacio_marte
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
182 views7 pages

Pix Config

This document contains the configuration of a Cisco PIX firewall device. It defines settings such as interface configurations, access control lists, network address translations, and other security policies. The configuration identifies two interfaces - an outside interface connected to the internet and an inside interface connected to a local network. It also defines objects for local and external network addresses and allows traffic from local networks to external destinations defined in an access list.

Uploaded by

ignacio_marte
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 7

BALDOM# sh run

: Saved
:
PIX Version 6.3(5)
interface ethernet0 auto
interface ethernet1 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password oyXoIh.nPVNvjjJ5 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname BALDOM
domain-name ciscopix.com
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
object-group network ip_local
network-object host 192.168.30.51
network-object host 192.168.30.65
network-object host 192.168.30.77
network-object host 192.168.30.79
network-object host 192.168.30.94
network-object host 192.168.30.103
network-object host 192.168.30.115
network-object host 192.168.30.116
network-object host 192.168.30.127
network-object host 192.168.30.146
network-object host 192.168.30.147
network-object host 192.168.30.153
network-object host 192.168.30.158
network-object host 192.168.30.174
network-object host 192.168.30.186
network-object host 192.168.30.149
network-object host 192.168.30.213
network-object host 192.168.30.242
network-object host 192.168.30.178
network-object host 192.168.30.131
network-object host 192.168.30.117
network-object host 192.168.30.101
network-object host 192.168.30.182
network-object host 192.168.30.113
network-object host 192.168.30.180
network-object host 192.168.30.171
network-object host 200.26.173.13
network-object host 200.26.173.6
object-group network ip_site_internet
network-object host 69.42.98.245
network-object host 200.88.112.120
network-object host 209.159.145.193
network-object host 70.34.33.27

network-object host 196.3.79.245


network-object host 129.33.176.46
network-object host 196.3.79.91
network-object host 209.161.115.170
network-object host 200.88.112.243
network-object host 74.202.142.52
network-object host 196.3.84.101
network-object host 69.42.98.246
network-object host 200.88.83.21
network-object host 190.167.241.96
network-object host 190.167.241.80
network-object host 72.4.126.254
network-object host 65.162.247.77
network-object host 192.168.30.79
network-object host 192.168.30.94
network-object host 192.168.30.103
network-object host 192.168.30.115
network-object host 192.168.30.116
network-object host 192.168.30.127
network-object host 192.168.30.146
network-object host 192.168.30.147
network-object host 192.168.30.153
network-object host 192.168.30.158
network-object host 192.168.30.174
network-object host 192.168.30.186
network-object host 192.168.30.149
network-object host 192.168.30.213
network-object host 192.168.30.242
network-object host 192.168.30.178
network-object host 192.168.30.131
network-object host 192.168.30.117
network-object host 192.168.30.101
network-object host 192.168.30.182
network-object host 192.168.30.113
network-object host 192.168.30.180
network-object host 192.168.30.171
network-object host 200.26.173.13
network-object host 200.26.173.6
object-group network ip_site_internet
network-object host 69.42.98.245
network-object host 200.88.112.120
network-object host 209.159.145.193
network-object host 70.34.33.27
network-object host 196.3.79.245
network-object host 129.33.176.46
network-object host 196.3.79.91
network-object host 209.161.115.170
network-object host 200.88.112.243
network-object host 74.202.142.52
network-object host 196.3.84.101
network-object host 69.42.98.246
network-object host 200.88.83.21
network-object host 190.167.241.96
network-object host 190.167.241.80
network-object host 72.4.126.254
network-object host 65.162.247.77
network-object host 190.8.45.14
network-object host 200.88.114.238
network-object host 204.2.241.145
network-object host 204.2.241.152

network-object host 192.158.61.157


network-object host 65.162.244.77
network-object host 69.4.79.164
network-object host 65.44.168.202
network-object host 173.45.238.139
network-object host 66.210.19.101
network-object host 200.74.146.84
network-object host 196.3.81.180
network-object host 200.42.207.91
network-object host 200.88.126.76
access-list TraficoEntrada permit icmp any any echo-reply
access-list TraficoEntrada permit icmp any any time-exceeded
access-list TraficoEntrada permit icmp any any unreachable
access-list TraficoEntrada permit tcp any host 192.168.0.2 eq imap4
access-list TraficoEntrada permit tcp any host 192.168.0.2 eq 3000
access-list TraficoEntrada permit tcp any host 192.168.0.2 eq smtp
access-list TraficoEntrada permit tcp any host 192.168.0.2 eq 502
access-list TraficoEntrada permit tcp any host 192.168.0.2 eq 2439
access-list TraficoEntrada permit tcp any host 192.168.0.2 eq 3389
access-list TraficoEntrada permit tcp any host 192.168.0.2 eq 993
access-list TraficoEntrada permit tcp any host 192.168.0.2 eq 2638
access-list TraficoEntrada permit tcp any host 192.168.0.2 eq www
access-list TraficoEntrada permit tcp any host 192.168.0.2 eq 8085
access-list pack_internet permit ip object-group ip_local object-group ip_site_i
nternet
pager lines 24
logging on
logging timestamp
logging buffered debugging
logging trap debugging
logging facility 22
logging host inside 192.168.30.5
mtu outside 1500
mtu inside 1500
ip address outside 192.168.0.2 255.255.255.248
ip address inside 192.168.30.6 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm location 192.168.40.0 255.255.255.0 inside
pdm location 192.168.30.4 255.255.255.255 inside
pdm location 192.168.30.3 255.255.255.255 inside
pdm location 192.168.30.5 255.255.255.255 inside
pdm location 192.168.30.6 255.255.255.255 inside
pdm location 192.168.30.2 255.255.255.255 inside
pdm location 192.168.30.25 255.255.255.255 inside
pdm location 192.168.30.8 255.255.255.255 inside
pdm location 192.168.30.0 255.255.255.255 inside
pdm location 192.168.30.6 255.255.255.255 outside
pdm location 192.168.0.1 255.255.255.255 outside
pdm location 201.229.234.201 255.255.255.255 outside
pdm location 192.168.30.12 255.255.255.255 inside
pdm location 192.168.30.20 255.255.255.255 inside
pdm location 192.168.30.21 255.255.255.255 inside
pdm location 192.168.30.22 255.255.255.255 inside
pdm location 192.168.30.23 255.255.255.255 inside
pdm location 192.168.30.55 255.255.255.255 inside
pdm location 192.168.30.56 255.255.255.255 inside
pdm location 192.168.30.58 255.255.255.255 inside
pdm location 192.168.30.66 255.255.255.255 inside
pdm location 192.168.30.67 255.255.255.255 inside

pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm
pdm

location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location
location

192.168.30.68 255.255.255.255 inside


192.168.30.70 255.255.255.255 inside
192.168.30.71 255.255.255.255 inside
192.168.30.72 255.255.255.255 inside
192.168.30.73 255.255.255.255 inside
192.168.30.74 255.255.255.255 inside
192.168.30.75 255.255.255.255 inside
192.168.30.76 255.255.255.255 inside
192.168.30.77 255.255.255.255 inside
192.168.30.78 255.255.255.255 inside
192.168.30.79 255.255.255.255 inside
192.168.30.80 255.255.255.255 inside
192.168.30.82 255.255.255.255 inside
192.168.30.84 255.255.255.255 inside
192.168.30.88 255.255.255.255 inside
192.168.30.90 255.255.255.255 inside
192.168.30.93 255.255.255.255 inside
192.168.30.94 255.255.255.255 inside
192.168.30.95 255.255.255.255 inside
192.168.30.97 255.255.255.255 inside
192.168.30.98 255.255.255.255 inside
192.168.30.99 255.255.255.255 inside
192.168.30.100 255.255.255.255 inside
192.168.30.101 255.255.255.255 inside
192.168.30.103 255.255.255.255 inside
192.168.30.104 255.255.255.255 inside
192.168.30.106 255.255.255.255 inside
192.168.30.107 255.255.255.255 inside
192.168.30.109 255.255.255.255 inside
192.168.30.110 255.255.255.255 inside
192.168.30.111 255.255.255.255 inside
192.168.30.112 255.255.255.255 inside
192.168.30.113 255.255.255.255 inside
192.168.30.114 255.255.255.255 inside
192.168.30.115 255.255.255.255 inside
192.168.30.118 255.255.255.255 inside
192.168.30.120 255.255.255.255 inside
192.168.30.121 255.255.255.255 inside
192.168.30.123 255.255.255.255 inside
192.168.30.124 255.255.255.255 inside
192.168.30.125 255.255.255.255 inside
192.168.30.126 255.255.255.255 inside
192.168.30.132 255.255.255.255 inside
192.168.30.134 255.255.255.255 inside
192.168.30.135 255.255.255.255 inside
192.168.30.142 255.255.255.255 inside
192.168.30.143 255.255.255.255 inside
192.168.30.145 255.255.255.255 inside
192.168.30.149 255.255.255.255 inside
192.168.30.151 255.255.255.255 inside
192.168.30.152 255.255.255.255 inside
192.168.30.155 255.255.255.255 inside
192.168.30.157 255.255.255.255 inside
192.168.30.160 255.255.255.255 inside
192.168.30.163 255.255.255.255 inside
192.168.30.164 255.255.255.255 inside
192.168.30.166 255.255.255.255 inside
192.168.30.170 255.255.255.255 inside
192.168.30.178 255.255.255.255 inside
192.168.30.183 255.255.255.255 inside

pdm location 192.168.30.184 255.255.255.255 inside


pdm location 192.168.30.188 255.255.255.255 inside
pdm location 192.168.30.211 255.255.255.255 inside
pdm location 192.168.30.212 255.255.255.255 inside
pdm location 192.168.30.214 255.255.255.255 inside
pdm location 192.168.30.215 255.255.255.255 inside
pdm location 192.168.30.218 255.255.255.255 inside
pdm location 192.168.30.220 255.255.255.255 inside
pdm location 192.168.30.223 255.255.255.255 inside
pdm location 192.168.30.239 255.255.255.255 inside
pdm location 192.168.30.240 255.255.255.255 inside
pdm location 192.168.30.242 255.255.255.255 inside
pdm location 192.168.30.248 255.255.255.255 inside
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 access-list pack_internet 0 0
nat (inside) 1 192.168.30.2 255.255.255.255 0 0
nat (inside) 1 192.168.30.4 255.255.255.255 0 0
nat (inside) 1 192.168.30.5 255.255.255.255 0 0
nat (inside) 1 192.168.30.12 255.255.255.255 0 0
nat (inside) 1 192.168.30.20 255.255.255.255 0 0
nat (inside) 1 192.168.30.21 255.255.255.255 0 0
nat (inside) 1 192.168.30.22 255.255.255.255 0 0
nat (inside) 1 192.168.30.23 255.255.255.255 0 0
nat (inside) 1 192.168.30.25 255.255.255.255 0 0
nat (inside) 1 192.168.30.55 255.255.255.255 0 0
nat (inside) 1 192.168.30.56 255.255.255.255 0 0
nat (inside) 1 192.168.30.58 255.255.255.255 0 0
nat (inside) 1 192.168.30.66 255.255.255.255 0 0
nat (inside) 1 192.168.30.67 255.255.255.255 0 0
nat (inside) 1 192.168.30.68 255.255.255.255 0 0
nat (inside) 1 192.168.30.70 255.255.255.255 0 0
nat (inside) 1 192.168.30.71 255.255.255.255 0 0
nat (inside) 1 192.168.30.72 255.255.255.255 0 0
nat (inside) 1 192.168.30.73 255.255.255.255 0 0
nat (inside) 1 192.168.30.74 255.255.255.255 0 0
nat (inside) 1 192.168.30.75 255.255.255.255 0 0
nat (inside) 1 192.168.30.76 255.255.255.255 0 0
nat (inside) 1 192.168.30.77 255.255.255.255 0 0
nat (inside) 1 192.168.30.78 255.255.255.255 0 0
nat (inside) 1 192.168.30.79 255.255.255.255 0 0
nat (inside) 1 192.168.30.80 255.255.255.255 0 0
nat (inside) 1 192.168.30.82 255.255.255.255 0 0
nat (inside) 1 192.168.30.84 255.255.255.255 0 0
nat (inside) 1 192.168.30.88 255.255.255.255 0 0
nat (inside) 1 192.168.30.90 255.255.255.255 0 0
nat (inside) 1 192.168.30.93 255.255.255.255 0 0
nat (inside) 1 192.168.30.94 255.255.255.255 0 0
nat (inside) 1 192.168.30.95 255.255.255.255 0 0
nat (inside) 1 192.168.30.97 255.255.255.255 0 0
nat (inside) 1 192.168.30.98 255.255.255.255 0 0
nat (inside) 1 192.168.30.99 255.255.255.255 0 0
nat (inside) 1 192.168.30.100 255.255.255.255 0 0
nat (inside) 1 192.168.30.101 255.255.255.255 0 0
nat (inside) 1 192.168.30.103 255.255.255.255 0 0
nat (inside) 1 192.168.30.104 255.255.255.255 0 0
nat (inside) 1 192.168.30.105 255.255.255.255 0 0
nat (inside) 1 192.168.30.106 255.255.255.255 0 0
nat (inside) 1 192.168.30.107 255.255.255.255 0 0

nat (inside) 1 192.168.30.109 255.255.255.255 0 0


nat (inside) 1 192.168.30.110 255.255.255.255 0 0
nat (inside) 1 192.168.30.111 255.255.255.255 0 0
nat (inside) 1 192.168.30.112 255.255.255.255 0 0
nat (inside) 1 192.168.30.113 255.255.255.255 0 0
nat (inside) 1 192.168.30.114 255.255.255.255 0 0
nat (inside) 1 192.168.30.115 255.255.255.255 0 0
nat (inside) 1 192.168.30.116 255.255.255.255 0 0
nat (inside) 1 192.168.30.118 255.255.255.255 0 0
nat (inside) 1 192.168.30.120 255.255.255.255 0 0
nat (inside) 1 192.168.30.121 255.255.255.255 0 0
nat (inside) 1 192.168.30.123 255.255.255.255 0 0
nat (inside) 1 192.168.30.124 255.255.255.255 0 0
nat (inside) 1 192.168.30.125 255.255.255.255 0 0
nat (inside) 1 192.168.30.126 255.255.255.255 0 0
nat (inside) 1 192.168.30.132 255.255.255.255 0 0
nat (inside) 1 192.168.30.134 255.255.255.255 0 0
nat (inside) 1 192.168.30.135 255.255.255.255 0 0
nat (inside) 1 192.168.30.142 255.255.255.255 0 0
nat (inside) 1 192.168.30.143 255.255.255.255 0 0
nat (inside) 1 192.168.30.145 255.255.255.255 0 0
nat (inside) 1 192.168.30.149 255.255.255.255 0 0
nat (inside) 1 192.168.30.151 255.255.255.255 0 0
nat (inside) 1 192.168.30.152 255.255.255.255 0 0
nat (inside) 1 192.168.30.154 255.255.255.255 0 0
nat (inside) 1 192.168.30.155 255.255.255.255 0 0
nat (inside) 1 192.168.30.157 255.255.255.255 0 0
nat (inside) 1 192.168.30.160 255.255.255.255 0 0
nat (inside) 1 192.168.30.161 255.255.255.255 0 0
nat (inside) 1 192.168.30.163 255.255.255.255 0 0
nat (inside) 1 192.168.30.164 255.255.255.255 0 0
nat (inside) 1 192.168.30.166 255.255.255.255 0 0
nat (inside) 1 192.168.30.170 255.255.255.255 0 0
nat (inside) 1 192.168.30.178 255.255.255.255 0 0
nat (inside) 1 192.168.30.183 255.255.255.255 0 0
nat (inside) 1 192.168.30.184 255.255.255.255 0 0
nat (inside) 1 192.168.30.188 255.255.255.255 0 0
nat (inside) 1 192.168.30.211 255.255.255.255 0 0
nat (inside) 1 192.168.30.212 255.255.255.255 0 0
nat (inside) 1 192.168.30.214 255.255.255.255 0 0
nat (inside) 1 192.168.30.215 255.255.255.255 0 0
nat (inside) 1 192.168.30.218 255.255.255.255 0 0
nat (inside) 1 192.168.30.220 255.255.255.255 0 0
nat (inside) 1 192.168.30.223 255.255.255.255 0 0
nat (inside) 1 192.168.30.239 255.255.255.255 0 0
nat (inside) 1 192.168.30.240 255.255.255.255 0 0
nat (inside) 1 192.168.30.242 255.255.255.255 0 0
nat (inside) 1 192.168.30.248 255.255.255.255 0 0
static (inside,outside) tcp interface 3000 192.168.30.4 3000 netmask 255.255.255
.255 0 0
static (inside,outside) tcp interface smtp 192.168.30.4 smtp netmask 255.255.255
.255 0 0
static (inside,outside) tcp interface imap4 192.168.30.4 imap4 netmask 255.255.2
55.255 0 0
static (inside,outside) tcp interface 502 192.168.30.8 502 netmask 255.255.255.2
55 0 0
static (inside,outside) tcp interface 2439 192.168.30.3 2439 netmask 255.255.255
.255 0 0
static (inside,outside) tcp interface 3389 192.168.30.2 3389 netmask 255.255.255
.255 0 0

static (inside,outside) tcp interface 993 192.168.30.4 993 netmask 255.255.255.2


55 0 0
static (inside,outside) tcp interface 2638 192.168.30.3 2638 netmask 255.255.255
.255 0 0
static (inside,outside) tcp interface 8085 192.168.30.4 8085 netmask 255.255.255
.255 0 0
static (inside,outside) tcp interface www 192.168.30.2 www netmask 255.255.255.2
55 0 0
access-group TraficoEntrada in interface outside
route outside 0.0.0.0 0.0.0.0 192.168.0.1 1
route inside 192.168.30.0 255.255.255.255 192.168.30.1 1
route outside 192.168.30.6 255.255.255.255 192.168.0.1 1
route inside 192.168.40.0 255.255.255.0 192.168.30.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout sip-disconnect 0:02:00 sip-invite 0:03:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
http server enable
http 192.168.30.5 255.255.255.255 inside
http 192.168.30.4 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
telnet 192.168.30.4 255.255.255.255 inside
telnet 192.168.30.5 255.255.255.255 inside
telnet 192.168.30.215 255.255.255.255 inside
telnet timeout 5
ssh timeout 5
console timeout 0
username cisco password 3USUcOPFUiMCO4Jk encrypted privilege 2
terminal width 80
Cryptochecksum:213394e3e733acff2b4d1b2bdb53f8ed

You might also like