Cisco PIX515E which I need to configure to allow traffic to a new server on an internal IP address using ports 80, 25 and 21... I have a dedicated external IP address and a dedicated Internal IP address for the server... the PIX firewall already is set up... and doing its job.. what is the command line which needs to be inserted to allow this?
Probably:
Not sure what OS you are using but this works for us.
object-group service PublicPorts tcp port-object eq smtp port-object eq telnet port-object eq www port-object eq ftp
If this fails ACL will simply be line by line for every port allowed.
Your outside ACL will need something like this, but will need to be integrated into existing ACL access-list outside_acl permit tcp any object-group PublicPorts
Then just map the IP through. static (inside,outside) netmask
That is pretty much it.
GHello,
you need something like this :
access-list outside_in permit any host public-ip-address eq 80 access-list outside_in permit any host public-ip-address eq 25 access-list outside_in permit any host public-ip-address eq 21
access-group outside_in in interface outside
static (inside1,outside) public-ip-address inside-ip-address netmask
255.255.255.255 768 1024assuming that you don't have an access-list now on the outside
after implementing : either reload the pix or issue command : clear xlate
then it should work...
Anton
snipped-for-privacy@hotmail.com wrote:
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.