Contents of this BOOK:
Wishing you all happiness always!!!
PIX Lab Setup
1.0 Basic Firewall Setup
ANSWER
2.0 Console Password setup
ANSWER
3.0 Telnet setup
ANSWER
4.0 Default firewall rules
ANSWER
5.0 Numbered Access-list (ACL)
ANSWER
6.0 Named Access-list (ACL)
ANSWER
7.0 Conduit
ANSWER
8.0 Access-lists – opening the PIX for certain ports
ANSWER
9.0 Passing routing protocols through the firewall
ANSWER
10.0 Pinging the PIX interface
ANSWER
11.0 Pinging/Traceroute Inbound Through the Firewall (Microsoft Host on the outside)
ANSWER
12.0 Pinging/Traceroute Inbound Through the Firewall (Microsoft Host on the inside)
ANSWER
13.0 Pinging/Traceroute Inbound Through the Firewall (Cisco Router on the outside)
ANSWER
14.0 Pinging/Traceroute Inbound Through the Firewall (Cisco Router on the inside)
ANSWER
16.0 Port Object Groups
ANSWER
17.0 Service Object Groups
ANSWER
18.0 ICMP Object Groups
ANSWER
19.0 Basic PAT
ANSWER
20.0 Interface PAT
ANSWER
21.0 PIX – Single NAT pool
ANSWER
22.0 PIX – Multiple NAT pools
ANSWER
23.0 Static NAT
ANSWER
24.0 Static NAT and PAT to outside interface
ANSWER
25.0 Static NAT and PAT pool
ANSWER
26.0 NO NAT – don’t NAT anything
ANSWER
27.0 NO NAT – using static command
ANSWER
28.0 NO NAT – using access-list
ANSWER
29.0 Port Redirection with Static NAT
ANSWER
30.0 NAT – web server on DMZ interface
ANSWER
31.0 Static Routes
ANSWER
32.0 RIP version 1
ANSWER
33.0 RIP default route advertise
ANSWER
34.0 RIP version 2 MD5 authentication
ANSWER
35.0 PIX – Web server – DNS Doctoring
ANSWER
36.0 Java filter
ANSWER
37.0 Activex filter
ANSWER
38.0 Websense filter
ANSWER
39.0 Sysopt Command
ANSWER
40.0 IDS
ANSWER
41.0 DHCP Client
ANSWER
42.0 DHCP Server
ANSWER
43.0 Fixup Protocol
ANSWER
44.0 Syslog
ANSWER
45.0 SNMP
ANSWER
46.0 Unicast RPF
ANSWER
47.0 NTP
ANSWER
48.0 Turbo ACL
ANSWER
49.0 Enable Auto Update Support
ANSWER
50.0 Establishing a VPN tunnel through the firewall
ANSWER
51.0 PIX-to-PIX Point-to-Point VPN tunnel
ANSWER
52.0 PIX-to-Router Point-to-Point VPN tunnel
ANSWER
53.0 PIX-to-Router Dynamic-to-Static IPSec with NAT
ANSWER
55.0 PIX-to-Router Point-to-Multipoint (2 Routers and 1 PIX) VPN tunnel
ANSWER
Code:
http://ifile.it/o0ru4jl