NAT on PIX 501 and inside server

Hi there,

I have a PIX 501 with a public IP address on the outside interface. On the inside interface a server is connected with the ip

What do I need to configure to have that server reachable from the outside (remote desktop)? I suppose I need some kind on NAT on the port 3389.

But what do I do in the config files?

Best Regards Martin

Reply to
Loading thread data ...

Hi Martin,

What you need is first an access-list, and then a static statement to point to the server behind the PIX.

For example:

access-list allow_inbound permit tcp any interface outside eq 3389

static (inside, outside) tcp interface 3389 3389 netmask 0 0

Also, after you enter both of these commnads make sure that you reload the access-group for the access-list. By using the command.

access-group allow_inbound in interface outside and then the command clear xlate.

That should work for you. If you have anymore with the commands let me know.

vreyesii wrote:

Reply to

Thank you for your help :-)

What if I only want two public IP's to have access?

Best Regards Martin

vreyesii skrev:

Reply to

It is working now... just two access-list's

Regards Martin skrev:

Reply to
mwa Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.