1. Home
  2. Networking Firewalls
  3. Cisco 501 PIX port forwarding (outside DHCP)

Cisco 501 PIX port forwarding (outside DHCP)

Hello,

I am trying to switch from a Cyberguard 570 to a Cisco 501 PIX. The PIX I have read about creating a forwarding rule but they all centered around a static external IP. IE something like this: static (inside,outside) tcp netmask 0 0

however how would I create this rule with a DHCP assigned external IP address?

Also the access-list would need to be created as well from what I understand...would that be something like this?

access-list

or in my case specifically

access-list torrents permit tcp

7684 192.168.1.100 7684

I guess overall my question is how to identify a DHCP assigned external interface IP address in these rules.

Reply to
Jaytee
Loading thread data ...

I recommend comp.dcom.sys.cisco for PIX questions.

static (inside,outside) tcp interface OUTSIDEPORT INSIDEADDRESS INSIDEPORT netmask 255.255.255.255 0 0

For outside access to inside,

access-list torrents permit tcp any interface outside eq 7684 access-group torrents in interface outside

You cannot explicitly do so, but you can use the keyword 'interface' in 'static' and the keyword 'interface outside' in ACLs.

Reply to
Walter Roberson

Thank you, I will try that this afternoon.

Reply to
Jaytee

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.