cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
334
Views
0
Helpful
3
Replies

PIX port forward

plank1111
Level 1
Level 1

I have a Pix 515e that I need to forward a port. this should be a simple task but for some reason it is not working. I have attached my config file

I need to forward FTP to mcs-sbs01 I have the nat setup in the config I attached it has ** above and below it to help you find it.

I can't seem to get an access rule that allows traffic through.

3 Replies 3

hoogen_82
Level 4
Level 4

Is your static nat outside ip address related to the outside interface ip?

ip address outside ******.194 255.255.255.192

static (inside,outside) tcp 65.23.46.194 ftp mcs-sbs01 ftp netmask 255.255.255.255 0 0

If so you need to make a small change on the static statement, instead of putting the ip address of the outside interface use the keyword interface

static (inside,outside) tcp interface ftp mcs-sbs01 ftp netmask 255.255.255.255 0 0

HTH

Hoogen

Do rate if this post helps :)

The outside interface has multiple addresses, i got the normal ftp (21) working going to add a ACL for ftp-data(20) and see if passive mode works

adding an ACL for port 20 did not fix my data port error on FTP

if I add the following two ACL's will this fix my problem?

access-list inside_access_in permit host 192.168.1.221 eq ftp any established

access-list inside_access_in permit host 192.168.1.221 eq ftp-data any established

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: