I'm trying to setup a server on a PIX 515 DMZ interface and allow it to
> talk freely to the Internet going outbound while allowing only inbound
> port 3389 traffic?
There is no ACL for the nated host to get out.
> Here's what I have at this time for the dmz interface >>
>
>
>
> nameif ethernet2 dmz security50
>
> ip address dmz 172.16.128.1 255.255.255.0
>
> static (dmz,outside) tcp 12.166.12.33 3389 172.16.128.11 3389 netmask
> 255.255.255.255 0 0
>
> access-list dmz-in permit tcp any host 12.166.12.33 eq 3389
>
> access-group dmz-in in interface outside
>