Hello,
I'm trying to set up port forwarding on PIX firewall to one of my hosts in LAN (192.168.1.12) and I'm stuck with it.
I added necessary access-lists and static rules I've also applied the access-list rules...
access-group outsidein in interface outside access-group INSIDEin in interface inside
....but it still doesn't work.
Could anyone help me with it?
Please find in below few lines from my config file from PIX
PIX Version 6.3(4) interface ethernet0 auto interface ethernet1 auto nameif ethernet0 outside security0 nameif ethernet1 inside security100 (...) fixup protocol tftp 69 names object-group service kk_mb tcp-udp description stuff port-object range 4662 4662 access-list INSIDEin permit icmp any any access-list INSIDEin permit tcp any any eq www access-list INSIDEin permit tcp any any eq https access-list INSIDEin permit tcp any any eq ftp access-list INSIDEin permit tcp any any eq domain access-list INSIDEin permit udp any any eq domain access-list INSIDEin permit tcp any any eq 10000 access-list INSIDEin permit udp any any access-list INSIDEin permit tcp any any eq telnet access-list INSIDEin permit tcp any any eq smtp access-list INSIDEin permit tcp any any eq pop3 access-list INSIDEin permit tcp any any eq ssh access-list INSIDEin permit tcp any any eq nntp access-list INSIDEin permit tcp any any eq 5222 access-list INSIDEin permit tcp any any eq 5223 access-list INSIDEin permit tcp any any eq 4661 access-list outsidein permit icmp any any access-list outside permit tcp any host pix_ip_address eq 4661 (...) global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 0 0 static (inside,outside) tcp interface 4662 192.168.1.12 4662 netmask
255.255.255 ..255 0 0 static (inside,outside) udp interface 4662 192.168.1.12 4662 netmask 255.255.255 ..255 0 0 access-group outsidein in interface outside access-group INSIDEin in interface insideRegards, Chris.