PIX 501 Firewall - Network

This is a discussion on PIX 501 Firewall - Network ; I have never setup a firewall before and have been trying to get a PIX 501 to work correctly. Everything seems ok except that I can't get Outlook Web Access to work. I still don't know the commands all that ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: PIX 501 Firewall

  1. PIX 501 Firewall

    I have never setup a firewall before and have been trying to get a PIX 501
    to work correctly. Everything seems ok except that I can't get Outlook Web
    Access to work. I still don't know the commands all that well and I don't
    know how to open the ports or grant access to make this work. I used telnet
    to try and connect to the server and I was unable to so that tells me it is
    probably a problem with my configuration of the firewall. Can anyone help
    me?

    Mike



  2. Re: PIX 501 Firewall


    "Mike Lambert" wrote in message
    news:11cnv73t1bib4ea@corp.supernews.com...
    > I have never setup a firewall before and have been trying to get a PIX 501
    > to work correctly. Everything seems ok except that I can't get Outlook

    Web
    > Access to work. I still don't know the commands all that well and I don't
    > know how to open the ports or grant access to make this work. I used

    telnet
    > to try and connect to the server and I was unable to so that tells me it

    is
    > probably a problem with my configuration of the firewall. Can anyone help
    > me?
    >
    > Mike


    What you need to do is set up a virtual server to forward port 80 in from
    the outside interface to the IP of the OWA server. You may need to
    re-assign the firewall's web management port to something else in order to
    free port 80 for this purpose if you only have one public IP. Then you will
    probably need a policy to permit the traffic once you have made the virtual
    IP setup.

    I'm not a cisco guy, but set about doing your google searches (and/or asking
    cisco gurus how to do it) based on the description above, and you should
    make out ok. Different manufacturers call it different things, but port
    forwarding or virtual servers are the most common terms.

    If you're using telent as a test be sure to to "telent 1.2.3.4 80" so that
    you're connecting on port 80, you won't get much back but anything other
    than a timeout is a success. You don't want to open *all* the ports to the
    server, just 80. Doing more will be a tremendous security risk, every
    hacker in the world will be banging your exchange server.

    -Russ.



+ Reply to Thread