Questions on PIX 501

Hello,

The scenario is the following, would it be possible?

1 PIX 501 with a DHCP external IP. The PIX is not supposed to reboot often, like, ... never :-)

Behind the PIX, 172.25.80.0/24, .1 being the inside IP address.

For the Lan behind, 172.25.80.10-20 will be assigned dynamically, PIX being a dhcp server for the inside.

Inside the LAN, my question is about a FreeBSD sever I want to assign a static IP, like .50. From the Outside internet, I need to static nat the inside FreeBSD to reach the SSH port on 22/tcp. Being said the PIX 501 will not be reached from the external Internet on the SSH management port, it is possible to nat the 22/tcp external IP to the inside freeBSD server?

Thank you,

Marc

Reply to
Marc
Loading thread data ...

Marc,

If you have enabled shh on the pix. You can not open ssh grom internet to your freebsd.

I have solve this problem to my freebsd with "PAT" port 22 to 2222

access-list outin permit tcp any any eq 2222 static (inside,outside) tcp interface 2222 bsd ssh netmask

255.255.255.255 0 0 access-group outin in interface outside

//Jan

Reply to
Mr Ping

yes you can do that

see

formatting link

Reply to
Merv

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.