The first step in a series on how to configure the Cisco PIX 501 firewall for small and midsized businesses, posted here courtesy of SearchNetworking.com.
A Cisco PIX firewall protects one network from another. In this example, we configure a PIX 501 firewall, which is meant for a small business.
PIX firewalls use the concept of inside interface, which is the internal, usually private, network; and outside interfaces, which is the external, usually public, network. The goal is to protect the inside network from the outside network.
These firewalls utilize the adaptive security algorithm (ASA), which assigns security levels to interfaces and says that no traffic can flow from a lower-level interface (like the outside interface) to a higher-level interface (like the inside interface) without a rule allowing it. The outside interface has a security level of zero and the inside interface has a security level of 100.
Here is what the output of the show nameif command looks like:
pixfirewall# show nameif nameif ethernet0 outside security0 nameif ethernet1 inside security100 pixfirewall#
The ethernet0 interface is the outside interface (its default name) and the security level is 0. The ethernet1 interface is named inside (the default) and has a security level of 100.
PIX firewall configuration
Step 1: The basics
Step 2: Guidelines
Step 3: Configuration setup
Step 4: PIX configuration
Step 5: Network address translation
Step 6: Firewall rules
Step 7: Showing and saving configuration
About the author
David Davis (CCIE #9369, CWNA, MCSE, CISSP, Linux+, CEH) has been in the IT industry for 15 years. Currently, he manages a group of systems/network administrators for a privately owned retail company and authors IT-related material in his spare time. He has written more than 50 articles, eight practice tests and three video courses and has co-authored one book. His Web site is HappyRouter.com.
This tip originally appeared on SearchNetworking.com.