Allow NFS from a DMZ to Inside through a PIX

Hello,

Trying to allow NFS access from a DMZ host to an Inside NFS server, I got the "% Invalid Hostname" message when configuring the access rule.

That happens when I add "eq nfs" to the ACL.

It's regarding HA 515E PIX firewalls, with context configuration and PIX version 7.2(4).

Any help will be appreciated.

Thank you for your collaboration and best regards.

2 REPLIES

Re: Allow NFS from a DMZ to Inside through a PIX

Hello Pascal,

Most probably, you are missing something or you have a typo in the ACE. Here is an example:

access-list dmz_access_in permit tcp host 172.16.10.1 host 192.168.20.1 eq nfs

If it doesn't work, please post the full text you typed for the ACL.

Regards

Re: Allow NFS from a DMZ to Inside through a PIX

Hello Huseyin,

Thanks for the reply.

Of course I checked that the command is correct.

I also entered the access rule using ASDM, with the same result.

Hereafter the outputs:

PROD(config)# access-list DMZ-PUBLIC_access_in_V1 line 19 extended permit tcp host 172.16.10.1 host 192.168.20.1 eq nfs log 6 interval 300

access-list DMZ-PUBLIC_access_in_V1 line 19 extended permit tcp host 172.16.10.1 host 192.168.20.1 eq nfs log 6 interval 300

^

ERROR: % Invalid Hostname

Afterwards I tried the port number 2049 instead of the keyword "nfs", and all is working fine.

That means the access rule has to be entered in CLI mode with the port number 2049 instead of the keyword "nfs". Afterwards, in ASDM, the rule is displayed with the "nfs" keyword.

It's OK now. Thank you for your collaboration and best regards.
