Cisco Firewall :: Pix 506E - Clients Do Not Access Some Websites?
Feb 27, 2012
I have a problem with PIX 506E that meets the version 6.1, and in an simple computer network equipment seems to behave in strange ways because some web sites do not open or very open slow thereby its operation impracticable. On the other hand other web sites open normally.
Querying the web site of the Cisco, I found several documents discussing the same problem but in a later version ( 7.0 ), not in this version 6.1.
I've tried removing the pix from the network , not the error occurred, again insert pix however tested only with a machine, without the rest of the network and the problem persists
View 13 Replies
ADVERTISEMENT
Mar 4, 2011
How to configure SSH access on my PIX 506e. I would like to use local authentication with no AAA server. Also I would like to have telnet disabled completely.
View 3 Replies
View Related
Oct 9, 2012
I have a PIX 501 with 6.2 FW. The firewall inside network is connected to a Windows server (Mailserver). I can get access to most websites on all clients as well as on the server. However, there are some particular websites, such as facebook.com that the server and all but one client cannot access. I get a "cannot display the webpage" in internet explorer.
I have disabled the Windows firewall and AV. I have also scanned for any malware and no malware was found.
I found on the forums a "fixup protocol dns" solution, but my PIX version does not support it.
Below is my config:
PIX Version 6.2(2)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
[Code]......
View 12 Replies
View Related
Nov 18, 2012
Has ASA5510-K8 as firewall, has access rules setup for restricted PCs: [code] permitOn those PCs, users can only browse the websites that are in favorites, but some of them are working, some are not.Test on unrestricted PC, websites that can’t be accessed from public PCs can be access on regular PCs , either by address or IP.Checked GPO setting, don’t see anything wrong there.
View 4 Replies
View Related
Dec 26, 2012
I am having an issue where I cannot access certain files on websites. It looks as though the files are accessed via ftp. Could my router be blocking it. I have a Cisco 2801 router acting as a firewall.
View 13 Replies
View Related
Aug 20, 2012
We have a Cisco ASA 5520 and Web sense. I added a filter but it seems like it is still not allowing us to access a certain website from most of the machines however some machines with the same configuration work on the DMZ. Accessing website tells us:
"Firefox has detected that the server is redirecting the request for this address in a way that will never complete".
Filter I applied on the firewall:
filter url except 0.0.0.0 0.0.0.0 64.18.218.0 255.255.255.0 allow
filter https except 0.0.0.0 0.0.0.0 64.18.218.0 255.255.255.0 allow
View 9 Replies
View Related
Apr 15, 2013
I have an configuration of ASA 5510:
ASA5510# show run
: Saved
:
ASA Version 8.3(1)
!
hostname ASA5510
domain-name lohoi.local
[Code]..
When i configure to block websites it's ok, but websites unblock to access very slowly, sometime i can't access. My company has 50 users, all most them can't access unblock sites. How can i configure it better?
View 1 Replies
View Related
Jan 20, 2013
I have installed a new ASA5510 with CSC, and everything is working properly except the access to websites using https. All sites/access to them seem to be blocked by the ASA. I have read that this access is by default enabled and I have tried to add configuration to allow https access to the firewall but without success. [code]
View 6 Replies
View Related
May 4, 2013
I have a Cisco ASA 5505 in my home office which has a few PCs behind it with a linux web server running some websites. I can access the websites from outside no problem (i.e. on my iPhone using a 3G connection). However, I struggle to access the websites from within the network. The ASA gives me this error: [code]
View 3 Replies
View Related
Aug 18, 2011
My company has a peer to peer network of 10 personal computers without a server. Operating systems from Windows XP to Vista. I've recently installed a Cisco RV120W Wireless-N VPN Firewall. It's configured in DHCP Server Mode with printers/copiers that have static IPs below the DHCP range.
I'm having a problem with certain stations being used for personal networking, shopping, etc. during business hours. Consequently I would like to limit internet access on these stations. However, some internet access is required because of online database software that's an integral part of our business. I've been reading in the Administration Guide about URL Blocking. Would it be possible to give static IPs to certain stations and then limit their internet access to 1 or 2 specific websites?
FYI, I've read about the Trusted Domains and Blocked Keywords but cannot quite understand how to parley this into the solution I need.
View 1 Replies
View Related
Oct 28, 2012
I seem to be having an issue with my PIX configuration. I can ping the VPN client from the the internal network, but can cannot access any resources from the vpn client. [code]
View 4 Replies
View Related
Jul 7, 2011
I have 2 firewalls in my network: ASA 5505 and PIX 506E. Both firewalls's internal network is in the 192.168.0.0/24 subnet but their external addresses are different of course. The inside IP for ASA 5505 is 192.168.0.254/24 whereas the PIX is 192.168.0.1/24. I've successfully configured VPN on the ASA 5505. I'm able to VPN to the ASA and can ping / access hosts that have the 192.168.0.254 as their gateways.However, I'm unable to ping/access hosts behind the PIX. What do I need to do in order to allow access to the network behind the PIX after I VPN to the ASA? Also, I'm unable to ping 192.168.0.254 after I VPN to the ASA.
View 5 Replies
View Related
Apr 2, 2012
I am trying to give a vendor VPN access so that they can remotely monitor and diagnose their installed heating and cooling equipment. I dont know where to start and I apologize in advance for my ignorance. I am technically savvy but i have no Cisco knowledge base.
It is a PIX 506e firewall with PIX v6.3.
View 1 Replies
View Related
Mar 17, 2013
There is a PIX 506E and ASA5510, with different connection to service provider. Problem is Apple remote users can't access resources protected by the PIX506E. Apple users can access resources protected by ASA5510. Physically the PIX and ASA are in close proximity with no physical connections. Is it possible for Apple users to authenticate with the ASA and the traffic get routed to and get authenticated by the PIX, inorder to access resources?Due to bandwidth restrictions, a DMZ on the ASA will not be created at this time inorder to consolodate firewalls. Currently 2 x T1 is the connection between ASA and ISP; 1 T1 connects PIX to ISP.
View 1 Replies
View Related
Nov 19, 2012
I have a PIX506E that was resently reset and it has version PIX Version 7.1(2) . It either uses some different commands or I am not using them correctly. [code]
View 2 Replies
View Related
May 4, 2013
So i got a Cisco PIX 506e from a friend and want to set it up for a VPN. Though i cant download the PDM (PIX Device Manager) since i dont have a Contract or something like that. So i cant set it up.
View 1 Replies
View Related
Apr 29, 2012
I need to replace an ageing PIX 506e with an ASA 5505.The current setup looks like this: The PIX is used for site-to-site VPN connection via the WAN 2 link. The WAN 1 link is used for general Internet connectivity.I don't have access to the Draytek Router as it is supported by a 3rd party, but I believe it uses static routing to direct the relevant traffic to/from the PIX.
When I replace the PIX with the ASA, the inside i/f connection experiences dropouts - but no errors show in the logs.The only significant difference I can see in the config is that the ASA utilises VLans for the inside & outside interface configs - I used the PIX-to-ASA Migration tool to make the initial configuration on the ASA.In tests, if I only connect the inside i/f of the ASA, pings from the LAN are stable. Once I connect the outside i/f, pings timeout approx 80% of the time.
View 2 Replies
View Related
Jan 10, 2011
I am new to the PIX firewall. And recently implemented the PIX 506e in my network. I wants to know how we can monitor the system that is generating the more traffic on Network through Firewall.
View 4 Replies
View Related
Mar 5, 2011
I am trying to add a username to the local database for remote VPN connection but always i get this error when I add,Encrypted password is of incorrect lengthUsername addition failed.
View 1 Replies
View Related
Mar 11, 2013
I just got a PIX 506e from a friend that was not longer using it. I'm trying to get started with the configuration page. I've reset it to factory defaults, rebooted and connected up ethernet. I can ping the device at 192.168.1.1 and access it via console. I browse the site https://192.168.1.1/startup.html, get the invalid ssl certification, get a login prompt (user/pass) and as the document says I leave it blank. As soon as I hit ok it goes to the 404 error Page Not found.
View 4 Replies
View Related
Mar 22, 2011
What is the easiest way to restore my config? I backed it up yesterday with my tftp server. Today I made some changes and messed some things up and need to restore the config from yesterday.
View 1 Replies
View Related
Feb 26, 2013
I'm getting an error message on my 506E that is saying not enough flash space to install the new version 8 software. I did a clear flashfs command and then tried again but get the same error. Do the PIX 506E can be upgraded from version 6 to version 8? I am trying to install pix804-28.bin.
View 3 Replies
View Related
Dec 31, 2012
ASA Version 9.1(1)
!
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
[Code]....
View 9 Replies
View Related
Sep 20, 2012
I like to set up a pix and router for this network for a small buss, but I need to know what type of cable do I need to set this connection to work straight through or a cross over cable? also I need a subgestion if a nat would work better on the pix or leave it on the router?
View 4 Replies
View Related
Sep 20, 2012
So I was doing some testing with my BB Playbook where I wanted to see what outside connections it tried to make during startup and whatnot. I have a pix 506e running 6.3(5). I created an simple 'deny ip any any' access list on the inside interface so that the Playbook doesn't actually make any connections, but I set up a 'capture' on the inside interface accepting 'ip any any' to see what kind of traffic I could see heading outbound from the Playbook. Well, it started off showing attempts to query DNS (and failed, naturally), but then after a couple of minutes, it tried to connect to a couple of IPs over port 443 and actually got a response!!! For the life of me, I can't figure out how this can happen. NO traffic should be allowed outbound due to my explicit 'deny' rule, but for some reason some traffic on port 443 made it past the firewall and got a response back. There are no other rules in the access list except the 'deny' rule. My PIX configuration is quite simple and I cannot see anything that would allow the Playbook traffic to circumvent the access list.
I've come to think that either RIM has found away around Cisco access-lists, or there is a bug in the Pix OS. I know it's an old appliance/OS, but still. I wouldn't think it could be THAT easy to bypass the firewall.
View 4 Replies
View Related
Mar 27, 2012
I'm trying to configure an ASA 5505 to view my Slingbox from my iPhone/iPad from an outside or 3G network. I can't ping my internal networks while connected via AnyConnect. I know that I need to free up port 5001, but I can't seem to get it to work.
View 0 Replies
View Related
Apr 15, 2012
I have been asked to set up remote access VPN on an ASA 5505 that I previously had no invlovement with. I have set it up the VPN using the wizard, they way I normally do, but the clients have no access to anything in the inside subnet, not even the inside interface IP address of the ASA. Thay can ping each other. The remote access policy below that I am working on is labeled VPNPHONE, address pool 172.16.20.1-10. I do not need split tunneling to be enabled. The active WAN interface is the one labeled outside_cable. [code]
View 1 Replies
View Related
May 28, 2012
I have a cisco asa 5505 firewall. Is it possible to block secure websites in it like [URL]? I have already tried regular expression filtering but it filters only http traffic.
View 4 Replies
View Related
Feb 1, 2011
I am trying to access some websites and unable to do so
View 2 Replies
View Related
Apr 13, 2011
When clicking the Internet Explorer icon it won't open ANY webpage. My Internet connection works perfectly. My other computers are fine.
View 1 Replies
View Related
May 11, 2011
[url]...
I'm in Indore (India), whereas my friend from Mumbai can access them both.Also my ISP is Airtel.
View 3 Replies
View Related
Apr 24, 2012
We were having a discussion of ios firewall vs. asa for smaller clients(less than 50). On using ios firewall(zbf or cbac)and an asa 5505/5510. One of the arguments brought up on using ios firewall on the router is that a router will do an ip sla failover. I have configured a number of isr's for this and i know it works good.
View 1 Replies
View Related
Jan 13, 2013
Getting a message along the lines of: can't access this website when accessing certain websites such as the BBC and my university's intranet as well as random websites, also I can't access things like the online content on games such as far cry 3 or saints row 3.I've tried rebooting the router, I've tried the command prompt tracert, I've tried getting on other browsers with no avail and I've tried the other computers in my house and they've been getting on fine, tried full antivirus and malware scans and I've tried checking my firewall settings.
View 1 Replies
View Related
