From: Nguyen, Han (Contractor) (Han.Nguyen@ed.gov)
Date: Wed May 07 2003 - 11:42:04 GMT-3
Here it is:
Han.
-----Original Message-----
From: Wright, Jeremy [mailto:wright@admworld.com]
Sent: Wednesday, May 07, 2003 9:00 AM
To: 'ccielab@groupstudy.com'
Cc: 'security@groupstudy.com'
Subject: PIX 501 Default Configuration
Does anyone have a copy of the default PIX 501 configs? I was doing other
testing with it and I obviously changed the default configs. When I did a wr
erase and reload, the configs came up different than what it shipped with.
Thanks.
*****************************************
Jeremy Wright
CCIE# 11168
Network Analyst
Archer Daniels Midland
wright@admworld.com
(217)451-4063
*****************************************
CONFIDENTIALITY NOTICE:
This message is intended for the use of the individual or entity to
which it is addressed and may contain information that is privileged,
confidential and exempt from disclosure under applicable law. If the reader
of this message is not the intended recipient or the employee or agent
responsible for delivering this message to the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited.
If you have received this communication in error, please notify us
immediately by email reply or by telephone and immediately delete this
message and any attachments. In the U.S. call us toll free at (800)
637-5843.
Spanish, French, Quebecois French, Portuguese, Polish, German,
Dutch, Turkish, Russian, Japanese and Chinese:
http://www.admworld.com/confidentiality.htm.
PIX Version 6.1(1)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password MxRd0CzOrMyMtfwU encrypted
passwd MxRd0CzOrMyMtfwU encrypted
hostname pix
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
fixup protocol skinny 2000
fixup protocol http 81
names
pager lines 24
logging monitor critical
logging buffered notifications
interface ethernet0 10baset
interface ethernet1 10full
mtu outside 1500
mtu inside 1500
ip address outside dhcp setroute
ip address inside 192.168.1.1 255.255.255.0
ip verify reverse-path interface outside
ip verify reverse-path interface inside
ip audit info action drop reset
ip audit attack action drop reset
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
url-cache dst 100KB
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
no floodguard enable
no sysopt route dnat
telnet 192.168.1.0 255.255.255.0 inside
telnet timeout 5
ssh timeout 5
dhcpd address 192.168.1.2-192.168.1.33 inside
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd auto_config outside
dhcpd enable inside
terminal width 80
!
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:38 GMT-3