03-05-2007 06:51 PM - edited 03-11-2019 02:42 AM
I have a pix 501 and have been banging my head against the wall. I need to open ports
? UDP 88
? UDP 3074
? TCP 3074
for xbox live.
My outside interface is dhcp and my xbox ip is 10.6.1.12
How do I nat 10.6.1.12 and create and access list for those ports?
Much help is appreciated
03-05-2007 08:55 PM
Try the following configuration:
!--- Outside address configured to receive the DHCP IP address and default route
ip address outside dhcp setroute
!--- Inside address configured as you need
ip address inside 10.6.1.254 255.255.255.0
!--- nat inside hosts
global (outside) 1 interface
nat (inside) 1 10.6.1.0 255.255.255.0 0 0
!--- acl applied on the outside interface
access-group acl_outside in interface outside
!--- acl for the outside interface
access-list acl_outside remark ## HOST 10.6.1.12
access-list acl_outside permit tcp any any eq 3074
access-list acl_outside permit udp any any eq 88
access-list acl_outside permit udp any any eq 3074
access-list acl_outside deny ip any any
!--- static nat with dhcp interface
static (inside,outside) interface 10.6.1.12 netmask 255.255.255.255 0 0
HTH
Roberto
03-06-2007 07:52 AM
hi roberto,
your configuration has a blunder.
static (inside,outside) interface 10.6.1.12 netmask 255.255.255.255 0 0
you have binded the interface ip address to 10.6.1.12.
by this,only 10.6.1.12 will nat using the dhcp ip address and the rest of the internal ip addresses will not be pat' ed into the interface ip address ( as static always takes precedence over the nat and global ).
now,let me give the correct static statements.port forwarding will be the catch here:
static (inside,outside) tcp interface 3074 10.6.1.12 3074
static (inside,outside) tcp interface 3074 10.6.1.12 3074
static (inside,outside) udp interface 3074 10.6.1.12 3074
static (inside,outside) tcp interface 88 10.6.1.12 88
cl xlate
try this.
will surely work.
cheers!!
Sushil
03-06-2007 07:54 AM
oops,i added a static statement twice.please ignore the second one.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: