Pix 501 Configuration Issue(s)

Unanswered Question

Hi all.

this is my first post here, and i have never used cisco products until now. I have a Small Business Server 2003R2 running exchange, remote web workplace, sharepoint, etc. i have 1 nic. i've setup the 501 firewall with a public ip, and the server has a private

i have setup vpn, but i need to be able to setup/open ports for exchange, remote desktop, etc, to take advantage of all the products on the small business server. I am unclear on how to do this.

i've been reading/researching this on the net for the past few days. are these the right commands to do this:

access-list OUTSIDE_IN permit tcp any interface outside eq 25

access-group OUTSIDE_IN in interface outside

static (inside,outside) tcp interface http http netmask

also, i have several more public ips that are available.

thanks for any help/suggestions.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Collin Clark Thu, 12/27/2007 - 12:46
User Badges:
  • Purple, 4500 points or more


Nice job researching as you're 99% of the way there. Since you have more than just the interface IP, you change in the static the interface keyword to the IP address you want to use. You do the same in the ACL. Let's say your public IP's are .1 is assigned to the interface so lets use .2 for Exchange.

static (inside,outside) tcp 25 25 netmask

Then your ACL should change too.

access-list OUTSIDE_IN permit tcp any host eq 25

Note in your static the netmask should be This does a one-to-one NAT which is what you want. Post any other questions you may have.



This Discussion