Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: PIX 501 port forwarding question

PIX 501 port forwarding question 10 years 6 months ago #14725

  • danherbon
  • danherbon's Avatar
  • Offline
  • Frequent Member
  • Posts: 24
  • Karma: 0
Hello,

I am trying to setup port forwarding on my pix 501. i have an internal server that runs an application on port 2666-2667. i want to set it up so that any request on the external network to our public ip of 77.x.x.x on port 2666-2667 is sent to the internal server at 10.1.1.7 and it can send responses back to the client. Should I do this with port forwarding? This is what I have setup after reading over the PIX command documentation:

access-list outside_access_in permit tcp any interface outside range 2666 2667
static (inside,outside) tcp interface 2666 10.1.1.7 2666 netmask 255.255.255.255 0 0
static (inside,outside) tcp interface 2667 10.1.1.7 2667 netmask 255.255.255.255 0 0

I have something setup wrong because the application cannot communicate with the internal server from the external network.

any help that can point me in the right direction is much appreciated.

love this board!
The administrator has disabled public write access.

Re: PIX 501 port forwarding question 10 years 6 months ago #14732

  • GizmoFut
  • GizmoFut's Avatar
  • Offline
  • New Member
  • Posts: 2
  • Karma: 0
You also need to "link" the access list to the right interface.

Try this command:

access-group outside_access_in in interface outside

That works for me...
The administrator has disabled public write access.

Re: PIX 501 port forwarding question 10 years 6 months ago #14735

  • danherbon
  • danherbon's Avatar
  • Offline
  • Frequent Member
  • Posts: 24
  • Karma: 0
i think that works. thanks.

one more quick question. if I have a second public IP bound on the firewall, can I NAT that IP to an internal IP with the PIX 501?

all requests to 77.x.x.22 goto 10.1.1.9
The administrator has disabled public write access.
Time to create page: 0.074 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup