Forwarding incoming udp traffic to a specific internal address on PIX

Unanswered Question
May 20th, 2003
User Badges:

My question is: How to forward udp port 3283 to a single internal ip address on the PIX 515? This is to allow an internal client to connect to an Apple X-Serve via Apple Remote Desktop.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
dmepix Tue, 05/20/2003 - 12:24
User Badges:

Yes I am using nat. I figured there was a command set I wasn't aware of.

Which part of the config would you like to see? I'm required to keep part of it confidential.

mhoda Tue, 05/20/2003 - 13:36
User Badges:
  • Silver, 250 points or more


Do you have a public ip address to translate to Apple X-Serve? If so, here is what you can configure:

static (inside, outside) External_IP Internal_IP

If you don't have any public routable ip then, you can use the outside interface ip address of the PIX to configure port redirection.

static (inside,outside) udp interface 3283 Internal_IP 3283

You need to allow the traffic from outside to inside as follows:

access-list 101 permit udp any host interface_ip/public_ip eq 3283

Then apply it to the outside interface of PIX:

access-group 101 in interface outside

Please let me know if you have any question. Thanks,


dmepix Wed, 05/21/2003 - 09:47
User Badges:

The static command is exactly what I needed to see. It works now. The documentaiton also proved to be a very good resource. Thank you for your help.


This Discussion