Kindly assist with this.
We use a PIX 506E with 6.3 and 1 public IP Address. We want all machines (6)on inside network to connect to Internet while Internet user can connect
to 2 services running on 2 machines inside.
Inside Machine: a) web server on 192.168.170.190 and ftp server on
PIX inside interface IP = 192.168.170.185
PIX outside interface IP = 220.127.116.11
access-list goutbound permit ip 192.168.170.184 255.255.255.248 any access-list ginside permit tcp any host 18.104.22.168 eq www
access-list ginside permit tcp any host 22.214.171.124 eq ftp
access-group goutbound in interface inside access-group ginside in interface outside
global (outside) 1 interface
nat (inside) 1 0 0
static (inside,outside) tcp interface www 192.168.170.190 www netmask 255.255.255.255
static (inside,outside) tcp interface ftp 192.168.170.186 www netmask 255.255.255.255
While we can connect to the Internet from any machine on our inside network, the static does not seem to work as we can not connect to our ftp or www
machines from the internet.
Is my access-list and acces-group ok?
Can I use static(outside,inside) instead of static (inside,outside) above?