
Cisco PIX-515E User Manual

Cisco PIX-515E
42 pages
3 Configure the PIX 515E
The PIX 515E comes with a factory-default configuration that meets the needs of most small and
medium business networking environments. A default DHCP server address pool is included for hosts on
the inside interface. The factory-default configuration on the PIX 515E protects your inside network
from unsolicited traffic.

By default, the PIX 515E denies all inbound traffic through the outside interface. Based on your
network security policy, you should also consider configuring the PIX 515E to deny all ICMP traffic
to the outside interface, or any other interface you deem necessary, by entering the icmp command.
For more information about the icmp command, refer to the Cisco PIX Firewall Command Reference.
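
An added example, not part of the Cisco manual: a small Python check that reads a saved PIX configuration and reports how ICMP addressed to a given interface would be handled. The `icmp permit|deny ... if_name` syntax and the first-match rule with an implicit drop once any rule exists follow the Cisco PIX Firewall Command Reference as understood here; the sample configurations and function names are constructed for illustration, and ICMP types are matched by literal name only.

```python
import ipaddress

# Constructed sample configurations (not taken from a real device).
FACTORY = "nameif ethernet0 outside security0\nnameif ethernet1 inside security100\n"
DENY_ALL = FACTORY + "icmp deny any outside\n"
# Unreachable stays permitted ahead of the deny so path MTU discovery keeps working.
KEEP_PMTU = FACTORY + "icmp permit any unreachable outside\nicmp deny any outside\n"


def parse_icmp_rules(config, if_name):
    """Return the ordered (action, network, icmp_type) rules for one interface."""
    rules = []
    for line in config.splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[0] != "icmp" or tok[1] not in ("permit", "deny"):
            continue
        if tok[-1] != if_name:
            continue
        action, body = tok[1], tok[2:-1]
        if body[0] == "any":
            net, rest = ipaddress.ip_network("0.0.0.0/0"), body[1:]
        elif body[0] == "host":
            net, rest = ipaddress.ip_network(body[1] + "/32"), body[2:]
        else:  # address followed by a dotted netmask
            net, rest = ipaddress.ip_network(f"{body[0]}/{body[1]}", strict=False), body[2:]
        rules.append((action, net, rest[0] if rest else None))
    return rules


def icmp_verdict(rules, src, icmp_type):
    """First matching rule wins. No rules at all means everything is accepted;
    once any rule exists, traffic that matches none of them is dropped."""
    if not rules:
        return "permit"
    addr = ipaddress.ip_address(src)
    for action, net, rule_type in rules:
        if addr in net and rule_type in (None, icmp_type):
            return action
    return "deny"


if __name__ == "__main__":
    for name, cfg in (("factory", FACTORY), ("deny-all", DENY_ALL), ("keep-pmtu", KEEP_PMTU)):
        rules = parse_icmp_rules(cfg, "outside")
        print(name, {t: icmp_verdict(rules, "203.0.113.5", t) for t in ("echo", "unreachable")})
```

Run against a saved configuration, a "permit" verdict for `echo` on the outside interface means the ICMP hardening suggested above has not been applied.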

The PIX 515E contains an integrated web-based configuration tool, the Cisco PIX Device Manager
(PDM), that is designed to help you set up the PIX Firewall. PDM is preinstalled on the PIX 515E.
To access PDM, make sure that JavaScript and Java are enabled in your web browser. Refer to the
Cisco PIX Device Manager Installation Guide for more information on the operating system and web
browser environments supported by PDM.

PDM includes a Startup Wizard for simplified initial configuration of your PIX Firewall. With just
a few steps, the PDM Startup Wizard enables you to efficiently create a basic configuration that
allows packets to flow through the PIX Firewall from the inside network to the outside network
securely. Follow these steps to use the Startup Wizard:

Step 1 If you have not already done so, connect the inside Ethernet 1 interface of the PIX 515E to a
switch or hub using the Ethernet cable. To this same switch, connect a PC for configuring the
PIX 515E.

Step 2 Configure your PC to use DHCP (to receive an IP address automatically from the PIX 515E)
or assign a static IP address to your PC by selecting an address out of the 192.168.1.0
network. (Valid addresses are 192.168.1.2 through 192.168.1.254 with a mask of 255.255.255.0
and default route of 192.168.1.1.)

Note: The inside interface of the PIX 515E is assigned 192.168.1.1 by default, so this
address is unavailable.

Step 3 Check the LINK LED on the PIX 515E Ethernet 1 interface. When connectivity occurs, the
LINK LED on the Ethernet 1 interface of the PIX Firewall and the corresponding LINK LED on
the switch or hub light up solid green.


Cisco PIX-515E Specifications

General
Concurrent Sessions: 130,000
Stateful Inspection: Yes
Maximum Connections: 130,000
RAM: 128 MB
Flash Memory: 16 MB
Power Supply: Internal AC
Operating System: Cisco PIX OS
Interfaces: 6 x 10/100 Ethernet
High Availability: Yes
Weight: 15 lbs
Firewall Type: Stateful Packet Inspection
Form Factor: Rackmount
VPN Throughput: Up to 100 Mbps (3DES)

Summary

About the Cisco PIX 515E Firewall

Hardware Features

Lists the physical and performance specifications of the PIX 515E firewall.

Software Features

Details the software capabilities and functionalities of the PIX 515E firewall.

Check Items Included

Included Accessories

Lists all physical components and cables provided with the PIX 515E.

Install the PIX 515E

Physical Installation Steps

Provides step-by-step instructions for physically installing the PIX 515E unit.

Configure the PIX 515E

Initial Configuration Wizard

Guides users through the initial setup using the PDM Startup Wizard.

Example Configurations

DMZ Configuration

Illustrates setting up a Demilitarized Zone (DMZ) for web server security.

Manage IP Pools for Network Translations

Details how to configure IP pools for network address translation (NAT).

Configure Address Translations on Private Networks

Explains Network Address Translation (NAT) and PAT for private networks.

Configure External Identity for the DMZ Web Server

Describes static NAT for making a DMZ server accessible on the Internet.

Provide HTTP Access to the DMZ Web Server

Configures access lists to allow HTTP traffic to the DMZ web server.

Site-to-Site VPN Configuration

Start the VPN Wizard

Initiates the VPN configuration process using the PDM VPN Wizard.

Configure the VPN Peer

Sets up the remote VPN peer's IP address and authentication method.

Configure the IKE Policy

Defines the Internet Key Exchange (IKE) parameters for VPN security.

Configure Internal Traffic

Selects local network traffic to be encrypted through the VPN tunnel.

Select Remote Traffic for VPN

Specifies the remote network traffic to be protected by the VPN tunnel.

View and Enable VPN Commands

Reviews and deploys the generated VPN configuration commands.

Optional Maintenance and Upgrade Procedures

Obtaining Encryption Licenses

Explains how to obtain DES, 3DES, and AES encryption licenses from Cisco.

Using the Activation Key

Provides CLI commands to enter and apply the firewall activation key.

Restore the Default Configuration

Details CLI commands to reset the PIX 515E to its factory default settings.

Alternative Ways to Access the PIX 515E

Console Port Access

Describes connecting via the console port using a serial terminal emulator.

LED Indicators

Front Panel LEDs

Explains the status and meaning of the front panel LED indicators.

Rear Panel LEDs

Describes the status and meaning of the PIX 515E's rear panel LED indicators.

Documentation and Support Resources

Obtaining Documentation

Lists resources for acquiring Cisco documentation via web and CD-ROM.

Documentation Feedback

Provides contact information for submitting comments on technical documentation.

Obtaining Technical Assistance

Details how to get technical support from Cisco TAC.

Opening a TAC Case

Explains the process and contact methods for opening a TAC support case.

TAC Case Priority Definitions

Defines the priority levels for TAC support cases.

Additional Publications and Information

Information on Cisco Press, Packet magazine, journals, and training.
