cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
564
Views
0
Helpful
7
Replies

Port forwarding on PIX 515

cadstillo
Level 1
Level 1

I am trying to turn on port forwarding for TCP and UDP for a specific port (22222) from a static IP address (outside) to an internal static IP address.

I cannot get this working. I tried using the ASDM and it didn't work there either.

Thanks

7 Replies 7

acomiskey
Level 10
Level 10

static (inside,outside) tcp interface 22222 netmask 255.255.255.255

static (inside,outside) udp interface 22222 netmask 255.255.255.255

I assume that (inside,outside) is either or correct, depending on the need?

This is what it should look like?

static 64.233.167.99 tcp interface 22222 xx.xx.xxx.xxx 22222 net mask 255.255.255.255

static 64.233.167.99 udp interface 22222 xx.xx.xxx.xxx 22222 net mask 255.255.255.255

Thanks for the quick response!!

No, you actually type "(inside,outside)".

These are the names of the inside and outside interfaces. So yours may be different. If yours are named "inside" and "outside" then you would type exactly what I wrote before.

Thanks for clearing that up. So how do I isolate the port forwarding on a specific public IP address?

If you are using the public ip that is assigned to the outside interface then it would look the same as before...

static (inside,outside) tcp interface 22222 netmask 255.255.255.255

static (inside,outside) udp interface 22222 netmask 255.255.255.255

If you want to use a different public ip you would simply replace "interface" with the ip address...

static (inside,outside) tcp 22222 netmask 255.255.255.255

static (inside,outside) udp 22222 netmask 255.255.255.255

Excellent!! I will try this and see how it works!

Thanks

Dear Sir,

I just saw your message on forum that you told forwarding port on pix. So i would like to ask you that on ASA 5510 i uer forwarding port on ASA but it doesn't work this is command that i put in ASA,

-access-list 100 extended permit tcp any host 50.50.50.50 eq 5900

-static (inside,ouside) 50.50.50.50 5900 10.10.10.2 5900 netmask 255.255.255.255

Note: my interface Outside e0/0 IP address is :50.50.50.50

Could you verify for me please!!!!!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: