05-30-2007 07:44 PM - edited 03-11-2019 03:23 AM
I have a Pix 515e that I need to forward a port. this should be a simple task but for some reason it is not working. I have attached my config file
I need to forward FTP to mcs-sbs01 I have the nat setup in the config I attached it has ** above and below it to help you find it.
I can't seem to get an access rule that allows traffic through.
05-31-2007 10:04 AM
Is your static nat outside ip address related to the outside interface ip?
ip address outside ******.194 255.255.255.192
static (inside,outside) tcp 65.23.46.194 ftp mcs-sbs01 ftp netmask 255.255.255.255 0 0
If so you need to make a small change on the static statement, instead of putting the ip address of the outside interface use the keyword interface
static (inside,outside) tcp interface ftp mcs-sbs01 ftp netmask 255.255.255.255 0 0
HTH
Hoogen
Do rate if this post helps :)
05-31-2007 10:22 AM
The outside interface has multiple addresses, i got the normal ftp (21) working going to add a ACL for ftp-data(20) and see if passive mode works
05-31-2007 10:48 AM
adding an ACL for port 20 did not fix my data port error on FTP
if I add the following two ACL's will this fix my problem?
access-list inside_access_in permit host 192.168.1.221 eq ftp any established
access-list inside_access_in permit host 192.168.1.221 eq ftp-data any established
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: