Re: RDP to Win2003 server thru PIX

You are correct... we have additional public addresses that are not in
use

Can you point me in a direction ...?

How to assign the inside IP to a differnt public IP..?

Then the rules that you originally sent should work...

--Walter



Walter Roberson wrote:
In article <1156934316.459607.213920@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>,
W Abucewicz <wabucewicz@xxxxxxxxx> wrote:
As you can tell, I have little Cisco experience..
Looks like an upgrade is needed... is that a firmware upgrade or
something more involved?

It would not be a firmware upgrade, but if the device is sufficiently
old then it might require two stages. Based upon the configuration
(or, more correctly, what the configuration does NOT contain), and
based upon my knowledge of which devices existed at which stage of PIX OS,
I would hypothesize that the device is a PIX 506 (but not 506E).
Is that correct?

Upgrading a PIX 506 is relatively easy, but there would be a non-trivial
cost to upgrading one that old. Cisco's price lists are a maze
full of red herrings, so the best I can estimate is $US 1000 to get the
software upgrade. It might not be worth it from an investment point of
view, as the PIX 506 now seems to be quite unlikely to be supported in
PIX 7.x.


Your outside IP address has a netmask of 255.255.255.248 indicating
that the ISP has assigned a range of 8 IPs to the connection.
Two of those are reserved (by the IP protocols), one would be allocated
to your end of the connection, one would be allocated to their end of
the connection -- and that leaves 4 unaccounted for.

You may thus *already* have additional public IPs that you can use. If
so then you do not need any software upgrade: the restrictions I discussed
before had to do with using the PIX outside interface IP -itself-
as the target of incoming connections; using a different IP in the
same subnet is fair game, if you have the IP.

.

Relevant Pages

  • Re: How do I upgrade the IOS on a Cisco Pix firewall from 4.4 to 6.3?
    ... my boss put one on my desk and asked me to upgrade it to 6.35. ... PIX Classic: cannot be done -- does not run PIX 6.x software ... It is thus not acceptable to Cisco to upgrade it now ... to PIX 6.3 under the terms of any support contract. ...
    (comp.security.firewalls)
  • Re: Pix fail-over questions
    ... How to upgrade the PIX Firewall software in a failover scenario. ... command on the primary PIX, or power off the primary PIX. ... failover groups on the unit to achieve the same active/standby state ...
    (comp.dcom.sys.cisco)
  • Re: Upgrading a PIX failover pair
    ... >> There used to be lengthy instructions in the PIX documentation about the ... >> Cisco-blessed way to upgrade a PIX failover pair, ... If the application is as downtime sensitive as the use of a failover ... so network connections than it is to wait for it to boot up. ...
    (comp.dcom.sys.cisco)
  • Re: Upgrading PIX 515 from 5.1 to 7.x
    ... eBay so if I needed to upgrade to 128MB I could probably afford this. ... have read however that PIX OS and activation keys are tied to the ... allow me to simply upgrade to 3DES, this activation key would be extra ... If you were to install PIX 7 on it, then you would need 128 MB ...
    (comp.dcom.sys.cisco)
  • VoIP QoS - need suggestions
    ... Asterisk server behind a Cisco PIX 515e running 6.3. ... not my problem - the problem is obviously the T1 connection. ... I'd like to upgrade the 2620, so I had the flash and ...
    (comp.dcom.sys.cisco)