NFS protocol across the Pix firewall

I have a Pix 515E running PixOS version 8.0.4 with two interfaces, inside and outside.

On the inside interface, I have a Redhat Enterprise Linux 5.4 64 bits machine as an NFS server version 4 (NFSv4).

On the outside interface, I have three (3) Redhat Enterprise Linux 5.4 64 bits as NFS clients.

I have the following configuration on the Pix:

static (inside,outside) 192.168.1.1 4.2.2.2 netmask 255.255.255.255

access-list external permit icmp any any log

access-group external in interface outside

At the moment, none of the Linux client machines can mount a share on the NFS server because my ACL is too restrictive.  I would like to be able to open the firewall so that Linux client machines can mount the NFS server using NFS over UDP or NFS over TCP.

I am looking for the exact UDP and TCP ports to be added to the ACL in order to accomplish this, from someone who has done this before.

Anyone know how to do this?

Thanks,

1 REPLY

I think I just answered my own post.  Just need to add about three lines to the configuration:

access-list external permit tcp any host 4.2.2.2 eq 111 log

access-list external permit udp any host 4.2.2.2 eq 111 log

fixup protocol sunrpc 111

Now I can mount the NFS server from my Linux machines.
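
Added example (not part of the original thread): a small Python audit helper that reads `rpcinfo -p` output from the NFS server and separates the RPC endpoints matched by the reply's two permit lines (tcp/udp 111) from those that are not, which in the reply's configuration are reachable only if the sunrpc fixup opens them. The sample output and its port numbers are constructed, and the function names are hypothetical.

```python
"""Added example: split the RPC services on an NFS server into those the
reply's ACL permits directly and those that rely on the sunrpc fixup."""
from collections import defaultdict

# Ports permitted by the ACL lines in the reply (tcp/udp 111 to the server).
ACL_PERMITTED = {("tcp", 111), ("udp", 111)}

# Constructed sample of `rpcinfo -p` output; the port numbers are illustrative.
SAMPLE_RPCINFO = """\
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    3   udp   2049  nfs
    100003    4   tcp   2049  nfs
    100005    3   udp    892  mountd
    100005    3   tcp    892  mountd
    100021    4   tcp  32803  nlockmgr
    100024    1   udp    662  status
"""

def parse_rpcinfo(text):
    """Return {(proto, port): sorted service names} from `rpcinfo -p` text."""
    services = defaultdict(set)
    for line in text.splitlines():
        fields = line.split()
        # Data rows: program, version, proto, port, optional service name.
        if len(fields) < 4 or not fields[0].isdigit() or not fields[3].isdigit():
            continue  # header, blank or malformed line
        name = fields[4] if len(fields) > 4 else "prog-" + fields[0]
        services[(fields[2].lower(), int(fields[3]))].add(name)
    return {key: sorted(names) for key, names in services.items()}

def classify(services, permitted=ACL_PERMITTED):
    """Split endpoints into ACL-permitted and not-in-ACL (fixup-dependent)."""
    direct, via_fixup = [], []
    for key in sorted(services):
        (direct if key in permitted else via_fixup).append(key)
    return direct, via_fixup

if __name__ == "__main__":
    svc = parse_rpcinfo(SAMPLE_RPCINFO)
    direct, via_fixup = classify(svc)
    for proto, port in direct:
        print(f"ACL permits  {proto}/{port:<5} {', '.join(svc[(proto, port)])}")
    for proto, port in via_fixup:
        print(f"not in ACL   {proto}/{port:<5} {', '.join(svc[(proto, port)])}")
```

Running it against the real server's `rpcinfo -p` output shows which services would stop working if the fixup line were removed or the ACL were left as the only control.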
