Book Excerpt: Cisco Secure Internet Security Solutions - part 4 - Page 2

By Cisco Press | Posted Sep 27, 2001
Page 2 of 6   |  Back to Page 1
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn
 hostname pixfirewall

 enable password enablepass encrypted
 passwd password encrypted

 nameif ethernet0 outside security0
 nameif ethernet1 inside security100
 nameif ethernet2 public security 50

 interface ethernet0 auto
 interface ethernet1 auto
 interface ethernet2 auto

 ip address outside
 ip address inside
 ip address public

 fixup protocol http 80
 fixup protocol http 10120
 fixup protocol http 10121
 fixup protocol http 10122
 fixup protocol http 10123
 fixup protocol http 10124
 fixup protocol http 10125
 fixup protocol ftp 21
 fixup protocol ftp 10126
 fixup protocol ftp 10127

 snmp-server community ourbigcompany
 snmp-server location Seattle
 snmp-server contact Mark Newcomb Andrew Mason
 snmp-server host inside
 snmp-server enable traps

 logging on
 logging host
 logging trap 7
 logging facility 20
 no logging console


 url-server (inside) host timeout 30
 url-server (inside) host
 filter url http 0 0 0 0

 global (outside) 1
 global (outside) 1
 nat (inside) 1 0 0
 nat (inside) 1 0 0
 nat (inside) 1 0 0
 nat (public) 1 0 0

 static (public, outside)
 static (public, outside)
 static (public, outside)

 conduit permit tcp host eq http any
 conduit permit tcp host eq ftp any
 conduit permit tcp host eq smtp any
 conduit permit tcp any eq sqlnet host

 route outside 0 0 1
 route inside 1
 route inside 1
 route inside 1
 route public

 arp timeout 7200

 clear xlate
 write mem

The hostname command has been added as the first line in this configuration. This merely identifies the host when you Telnet in for configuration.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter