PIX port forward

Unanswered Question
May 30th, 2007

I have a Pix 515e that I need to forward a port. this should be a simple task but for some reason it is not working. I have attached my config file

I need to forward FTP to mcs-sbs01 I have the nat setup in the config I attached it has ** above and below it to help you find it.

I can't seem to get an access rule that allows traffic through.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
hoogen_82 Thu, 05/31/2007 - 10:04

Is your static nat outside ip address related to the outside interface ip?

ip address outside ******.194 255.255.255.192

static (inside,outside) tcp 65.23.46.194 ftp mcs-sbs01 ftp netmask 255.255.255.255 0 0

If so you need to make a small change on the static statement, instead of putting the ip address of the outside interface use the keyword interface

static (inside,outside) tcp interface ftp mcs-sbs01 ftp netmask 255.255.255.255 0 0

HTH

Hoogen

Do rate if this post helps :)

plank1111 Thu, 05/31/2007 - 10:22

The outside interface has multiple addresses, i got the normal ftp (21) working going to add a ACL for ftp-data(20) and see if passive mode works

plank1111 Thu, 05/31/2007 - 10:48

adding an ACL for port 20 did not fix my data port error on FTP

if I add the following two ACL's will this fix my problem?

access-list inside_access_in permit host 192.168.1.221 eq ftp any established

access-list inside_access_in permit host 192.168.1.221 eq ftp-data any established

Actions

This Discussion