Access-list question

Unanswered Question
Jun 16th, 2008
User Badges:


We have a PIX 506 firewall and I need to allow a specific IP address, to access a server inside the LAN on port #1999. I created a public IP address for the server but I am not so sure if the following command is correct.

access-list 101 permit tcp host host “public ip address of our server” eq 1999

Thank you

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
dgroscost Mon, 06/16/2008 - 06:26
User Badges:

Yes, that's correct.

You will need to apply the ACL to your outside interface -

access-group 101 in interface outside (as example)

Depending on your config, you may need to assign a static NAT to your server.

static (inside,outside) public.ip.address internal.ip.address netmask


This Discussion