I need to open ports on the firewall for the following:
Port 80 from IP 172.16.1.20 (in DMZ) to 184.108.40.206 (internal)
Port 1433 from IP 172.16.1.20 (in DMZ) to 220.127.116.11 (internal)
Also need to label the ports, i.e. 1433 SQL and HTTP 80, and specify a name for the rule, i.e. "Gateway to Swordfish Claims communication", if possible, so we can keep track of the rules.
How do I configure this on a PIX firewall?
Second octet in the second IP, 1189 won't work.
Either way will work.
You configure this in fw.
You can try something like this.
Create a no-NAT static entry:
static (inside,DMZ) 18.104.22.168 22.214.171.124 netmask 255.255.255.255 0 0
Create an object group for TCP with a description:
object-group service TCP_GW_SWORFISH tcp
 description Gateway to Sorfish
 port-object eq 1433
 port-object eq 80
access-list DMZ_access_in remark gateway_to_sorfish
access-list DMZ_access_in permit tcp host 172.16.1.20 host 126.96.36.199 object-group TCP_GW_SWORFISH
access-group DMZ_access_in in interface DMZ
access-list dmz2internal extended permit tcp host 172.16.1.20 host 195.1189.216.163 eq 80
access-list dmz2internal extended permit tcp host 172.16.1.20 host 195.1189.216.163 eq 1433
Port 80 will be renamed (in the config) to HTTP and 1422 to SQLNET. I don't think there is a way to change them. For marking what an ACL does, you can add a remark.
access-list dmz2internal extended remark Gateway to Swordfish Claims communication
Hope that helps.
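The malformed address pointed out in the thread (a second octet of 1189) is the kind of error that is cheap to catch before pasting rules into the firewall. The following is an added example, not part of the original posts: a small Python lint for host-to-host `access-list` entries. The function name `lint_acl` and the address 192.0.2.10 are placeholders chosen for illustration.

```python
import ipaddress
import re

# Constructed sample: one ACL entry as posted in the thread, one with a
# placeholder internal address (192.0.2.10 is an assumption), and the remark.
SAMPLE_CONFIG = """\
access-list dmz2internal extended permit tcp host 172.16.1.20 host 195.1189.216.163 eq 80
access-list dmz2internal extended permit tcp host 172.16.1.20 host 192.0.2.10 eq 1433
access-list dmz2internal extended remark Gateway to Swordfish Claims communication
"""

# Covers only "host A host B [eq PORT]" entries; object-group forms are skipped.
ACL_RE = re.compile(
    r"^access-list\s+(?P<name>\S+)\s+(?:extended\s+)?(?P<action>permit|deny)\s+"
    r"(?P<proto>tcp|udp)\s+host\s+(?P<src>\S+)\s+host\s+(?P<dst>\S+)"
    r"(?:\s+eq\s+(?P<port>\S+))?\s*$"
)

def lint_acl(config):
    """Return (rules, errors) for host-to-host access-list entries.

    rules  : dicts for entries whose addresses and numeric port are valid
    errors : (line_number, message) tuples for entries with a bad value
    """
    rules, errors = [], []
    for lineno, line in enumerate(config.splitlines(), start=1):
        m = ACL_RE.match(line.strip())
        if not m:
            continue  # remarks and other statements are not checked
        problems = []
        for field in ("src", "dst"):
            try:
                ipaddress.IPv4Address(m[field])
            except ipaddress.AddressValueError:
                problems.append(f"{field} address {m[field]!r} is not valid IPv4")
        port = m["port"]
        # Named ports (e.g. www) are left alone; only numeric ports are ranged.
        if port is not None and port.isdigit() and not 1 <= int(port) <= 65535:
            problems.append(f"port {port} out of range")
        if problems:
            errors.extend((lineno, p) for p in problems)
        else:
            rules.append(m.groupdict())
    return rules, errors

if __name__ == "__main__":
    ok, bad = lint_acl(SAMPLE_CONFIG)
    for lineno, msg in bad:
        print(f"line {lineno}: {msg}")
    for r in ok:
        print(f"ok: {r['src']} -> {r['dst']} {r['proto']}/{r['port']}")
```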