Cofiguring PIX 515E

Cisco PIX515E which I need to configure to allow traffic to a new server on an internal IP address using ports 80, 25 and 21... I have a dedicated external IP address and a dedicated Internal IP address for the server... the PIX firewall already is set up... and doing its job.. what is the command line which needs to be inserted to allow this?

Reply to
Loading thread data ...


formatting link

formatting link

Reply to
Jyri Korhonen

formatting link

formatting link

Not sure what OS you are using but this works for us.

object-group service PublicPorts tcp port-object eq smtp port-object eq telnet port-object eq www port-object eq ftp

If this fails ACL will simply be line by line for every port allowed.

Your outside ACL will need something like this, but will need to be integrated into existing ACL access-list outside_acl permit tcp any object-group PublicPorts

Then just map the IP through. static (inside,outside) netmask

That is pretty much it.

Reply to


you need something like this :

access-list outside_in permit any host public-ip-address eq 80 access-list outside_in permit any host public-ip-address eq 25 access-list outside_in permit any host public-ip-address eq 21

access-group outside_in in interface outside

static (inside1,outside) public-ip-address inside-ip-address netmask 768 1024

assuming that you don't have an access-list now on the outside

after implementing : either reload the pix or issue command : clear xlate

then it should work...

Anton wrote:

Reply to
Anton van der Leun Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.