02-20-2007 10:27 AM
Need to forward Ports 5900 and 443 to an Internal IP Address on a Pix 501. What would the commands be do make this work?
Also, What if I just wanted to open a port for any internal and external? IE Port 7777.
Thanks
Solved! Go to Solution.
02-20-2007 10:44 AM
static (inside,outside) tcp globalip 443 localip 443 netmask 255.255.255.255
In the same way you do it for 5900 port too.
For allowing port 7777 to travel to inside network you need to define an access-list like access-list network-1 permit tcp host 10.1.1.10 host 172.16.1.10 eq 7777 and also give a static nat to allow traffic to reach 172.16.1.10
HTH
Hoogen
Do rate if this helps :)
02-20-2007 10:44 AM
static (inside,outside) tcp globalip 443 localip 443 netmask 255.255.255.255
In the same way you do it for 5900 port too.
For allowing port 7777 to travel to inside network you need to define an access-list like access-list network-1 permit tcp host 10.1.1.10 host 172.16.1.10 eq 7777 and also give a static nat to allow traffic to reach 172.16.1.10
HTH
Hoogen
Do rate if this helps :)
02-20-2007 10:51 AM
Thanks
However, the customer has no idea what the global IP is. Or is this the Wan IP? I thought it would be the wan ip of who it is orginating from. Same for port 7777.
02-20-2007 10:55 AM
Yes this is your public wan ip.
HTH
Hoogen
Do rate if this helps :)
02-20-2007 11:04 AM
So I could do a
static (inside,outside) tcp globalIP 443 any 443 netmask 255.255.255.255
and
access-list outside_in permit tcp any host any eq 7777
02-20-2007 11:10 AM
The first one is all right remember you also need an access-list permiting 443 for that.
And the second one the syntax is wrong i think u probably could use access-list outside_in extended permit tcp any any eq 7777
HTH
Hoogen
Do rate if this helps :)
02-20-2007 11:35 AM
access-list 100 permit tcp any any eq 443
static (inside, outside) tcp globalIP 443 any 443 netmask 255.255.255.255
Does this look better?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide