4. Cisco –> pfSense verbage translation

Cisco –> pfSense verbage translation

  • L

    My Cisco PIX box died this week and I replaced it with a pfSense installation. I have a rule in my PIX that I cannot translate to pfSense. Below are the two lines in my PIX config I need to add to pfSense.

    access-list 101 permit tcp 208.81.237.128 255.255.255.192 host 165.138.7.50 eq 144

    pdm location 208.81.237.128 255.255.255.192 outside

    TIA

    0
  • C

    for the ACL it depends on where it was applied. Those are basically identical, you need the same rule on the interface where that was applied on the PIX. Only diff being if it's traffic in from the Internet, NAT applies first in PF, after rules in PIX, so the dest IP is the private IP in PF.

    The "pdm location" equivalent is just adding a firewall rule on WAN.

    0
  • G

    pdm location 208.81.237.128 255.255.255.192 outside

    This line allows pix device manger (horrorable java gui imo) to be access from the outside. If you still want this, you would need to open web mgt to your pfsense box from the outside for this particular subnet.

    0
  • L

    Being a noob to pfSense and by far not a guru in firewalls, I pretty much need it spelled out for me at least once. Then I get it for any additional entries I may need to do.

    0
  • C

    it depends. Do you have a NAT entry applying to traffic on the ACL line posted?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy