Results 1 to 6 of 6

Thread: Cisco Pix 515 Help.

  1. #1
    Senior Member
    Join Date
    Aug 2003

    Cisco Pix 515 Help.

    I have an application called ZipForm that needs to communicate outside of your firewall to a 3rd party website to retrieve registration information and updates.
    The application launches a file called registration.exe that communicates via the web with an ASP page to download the info. It will not allow communication and the error message states that it could not connect to the internet. The windows firewall is off, and I have called their tech support people and they told me that I need to configure my cisco firewall but they could not give me any information on how to configure it. Do I need to run a command o nthe firewall to allow registration.exe to communicate outside the LAN?
    Any help is greatly appreciated. Thanks.
    There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.

  2. #2
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Unfortunately since you haven't provided the slightest amount of useful information it makes it darn near impossible to answer your question.

    Yes, the tech support people were right, but I'll add something to their instructions.

    First, RTFM, read the manuals that came with the thing, they were written and printed for a very good reason.

    Second, after you've read the instruction, then you'll need to configure your firewall.
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  3. #3
    Senior Member bAgZ's Avatar
    Join Date
    Jul 2001
    Find out on which port your application talks to the remote server and then just open
    that port on your PIX firewall.
    "If I'd asked my customers what they wanted, they'd have said a faster horse." ~ Henry Ford

  4. #4
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    You can also 'sniff' on the firewall using 'debug packet'. Just type it after you are in with enable, it'll give you the options...

    BE WARNED: Make your filter specific, if you dump all traffic (rather than writing a specific filter, like : 'tcp and port 80 and dst <hostwithexefile>' and that firewall serves alot of customers you can crash the PIX...There is another way to sniff traffic on the PIX but I can't remember the command off the top of my head (it is a better one since you don't run the risk of crashing it, at least not as much risk). To turn it off, just type the same command with 'no' in front of it...

    In general, PIX with the fixup doesn't fitler on HTTP content (unless handed off to a third party vendor like websense, in which case it could...) You definitely need to supply more information for a better answer...
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  5. #5
    Senior Member
    Join Date
    Aug 2003
    Guys sorry for the lack of info on my original post. I pretty much checkeded everything that needed to be looked at. It's just that this program was obviously designed from someone that uses dial up or broadband. It appears that the program transmits data from the ip and port on the local machine192.168.5.211:2411 to Syn_sent. The port is open on the firewall. I'm not sure, but to me it seems like having an ISA server and a PIX firewall between clients and the internet, totally fubars the registration process via the web. Their tech support just wants you to allow the executeable in the windows firewall, but I don't have the windows firewalls on my clients turned on.
    There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.

  6. #6
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Washington D.C. area
    What's actually in the packet stream to the remote host? Is there anything silly in there like IP based auth or some other half ass vendor stupidity?

    Two things I would do. First, I would use a spanning port to sniff at the firewall traffic instead of using the method that Neb suggested simply because there have been times when I actually have done what he warns of even though I *thought* the filter was specific enough.

    Second, I would see if there is a way to watch the conversation between the localhost and the remote host clear of your ISA and PIX. After seeing how that works, I would look for obvious stupidity. If none is apparent, then I would introduce the ISA and PIX one at a time to see if I can at least figure out where I need to dig deeper.

    Anyway, fwiw.

    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts