Cisco 501 PIX port forwarding (outside DHCP)


I am trying to switch from a Cyberguard 570 to a Cisco 501 PIX. The PIX I have read about creating a forwarding rule but they all centered around a static external IP. IE something like this: static (inside,outside) tcp netmask 0 0

however how would I create this rule with a DHCP assigned external IP address?

Also the access-list would need to be created as well from what I understand...would that be something like this?


or in my case specifically

access-list torrents permit tcp

7684 7684

I guess overall my question is how to identify a DHCP assigned external interface IP address in these rules.

Reply to
Loading thread data ...

I recommend for PIX questions.

static (inside,outside) tcp interface OUTSIDEPORT INSIDEADDRESS INSIDEPORT netmask 0 0

For outside access to inside,

access-list torrents permit tcp any interface outside eq 7684 access-group torrents in interface outside

You cannot explicitly do so, but you can use the keyword 'interface' in 'static' and the keyword 'interface outside' in ACLs.

Reply to
Walter Roberson

Thank you, I will try that this afternoon.

Reply to
Jaytee Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.