NASA_NBC_Guy Posted January 10, 2007 Report Share Posted January 10, 2007 Hello.I'd really like some help configuring my Cisco PIX 515E to allow uTorrent connections through.I'm running Cisco PIX Firewall Version 6.3(5).I know that there are no access lists or static NAT entries that reference uTorrent.I've tried several things that I've gleaned from various websites, but nothing seems to work.Not a whole lot of people running full-fledged PIX firewalls in their home....I guess I'm just lucky.......DOH!Here is the config (with certain parts eliminated):PIX Version 6.3(5)interface ethernet0 autointerface ethernet1 autointerface ethernet2 auto shutdownnameif ethernet0 outside security0nameif ethernet1 inside security100nameif ethernet2 intf2 security4enable password ___________ encryptedpasswd _________ encryptedhostname "mypix"domain-name none!!!!!!!namesaccess-list 101 permit icmp any host xxxxxxx echo-reply access-list 101 permit icmp any host xxxxxxx source-quench access-list 101 permit icmp any host xxxxxxx unreachable access-list 101 permit icmp any host xxxxxxx time-exceeded pager lines 24logging onlogging timestamplogging console errorslogging buffered notificationslogging trap errorslogging history informationallogging facility 7logging host inside XXX.XXX.XXX.7 6/1468icmp deny any echo outsidemtu outside 1500mtu inside 1500mtu intf2 1500ip address outside dhcp setrouteip address inside xxx.xxx.X.1 255.255.255.0no ip address intf2ip audit name attack2 attack action alarm drop resetip audit interface outside attack2ip audit info action alarmip audit attack action alarmpdm logging informational 512pdm history enablearp timeout 14400global (outside) 1 interfacenat (inside) 1 0.0.0.0 0.0.0.0 0 0timeout xlate 3:00:00timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00timeout sip-disconnect 0:02:00 sip-invite 0:03:00timeout uauth 0:05:00 absolute!!!!http server enablehttp xxxxxxx insideno snmp-server locationno snmp-server contactsnmp-server community publicno snmp-server enable trapsfloodguard enabletelnet xxxxxxx insidetelnet timeout 30ssh timeout 5console timeout 0dhcpd address xxxxxxx insidedhcpd dns xxxxxxxdhcpd lease 3600dhcpd ping_timeout 750dhcpd auto_config outsidedhcpd enable insideI'm not a complete idiot......I'm just a whole lot more familiar with the VOIP side of the house.Any help that you guys could give me would be greatly appreciated.BTW, uTorrent worked very well before I upgraded from my WRT54G v6. The PIX is just too sexy to not use!Thanks in advance.Mike Link to comment Share on other sites More sharing options...
adampetherick Posted January 15, 2007 Report Share Posted January 15, 2007 You will need to add the following lines to get this working, just select everything below as a whole and copy and paste into the PIX in priv mode:object-group service utorrent tcpport-object range 5960 5970exitaccess-list OUTSIDE_AXS_IN permit tcp any gt 1024 interface outside object-group utorrentstatic (inside,outside) tcp interface 5960 <your PC's IP> 5960 netmask 255.255.255.255 0 0access-group OUTSIDE_AXS_IN in interface outside Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.