Port forwarding on PIX 515

Unanswered Question
Apr 3rd, 2008
User Badges:

I am trying to turn on port forwarding for TCP and UDP for a specific port (22222) from a static IP address (outside) to an internal static IP address.


I cannot get this working. I tried using the ASDM and it didn't work there either.


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
acomiskey Thu, 04/03/2008 - 11:55
User Badges:
  • Green, 3000 points or more

static (inside,outside) tcp interface 22222 netmask 255.255.255.255

static (inside,outside) udp interface 22222 netmask 255.255.255.255


cadstillo Thu, 04/03/2008 - 12:00
User Badges:

I assume that (inside,outside) is either or correct, depending on the need?


This is what it should look like?


static 64.233.167.99 tcp interface 22222 xx.xx.xxx.xxx 22222 net mask 255.255.255.255

static 64.233.167.99 udp interface 22222 xx.xx.xxx.xxx 22222 net mask 255.255.255.255


Thanks for the quick response!!

acomiskey Thu, 04/03/2008 - 12:24
User Badges:
  • Green, 3000 points or more

No, you actually type "(inside,outside)".


These are the names of the inside and outside interfaces. So yours may be different. If yours are named "inside" and "outside" then you would type exactly what I wrote before.

cadstillo Thu, 04/03/2008 - 12:26
User Badges:

Thanks for clearing that up. So how do I isolate the port forwarding on a specific public IP address?

acomiskey Thu, 04/03/2008 - 12:40
User Badges:
  • Green, 3000 points or more

If you are using the public ip that is assigned to the outside interface then it would look the same as before...


static (inside,outside) tcp interface 22222 netmask 255.255.255.255

static (inside,outside) udp interface 22222 netmask 255.255.255.255



If you want to use a different public ip you would simply replace "interface" with the ip address...


static (inside,outside) tcp 22222 netmask 255.255.255.255

static (inside,outside) udp 22222 netmask 255.255.255.255

cadstillo Thu, 04/03/2008 - 12:42
User Badges:

Excellent!! I will try this and see how it works!


Thanks

rechard_david Tue, 04/08/2008 - 23:00
User Badges:

Dear Sir,


I just saw your message on forum that you told forwarding port on pix. So i would like to ask you that on ASA 5510 i uer forwarding port on ASA but it doesn't work this is command that i put in ASA,


-access-list 100 extended permit tcp any host 50.50.50.50 eq 5900

-static (inside,ouside) 50.50.50.50 5900 10.10.10.2 5900 netmask 255.255.255.255

Note: my interface Outside e0/0 IP address is :50.50.50.50

Could you verify for me please!!!!!



Actions

This Discussion