Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

PIX 501 Rule Config

I have been asked to a PIX 501 between our lan and a database server (on the same lan) to allow access to certain ports.

I have configured it with two test PCs and set up a rule to allow RDP but I cannot get access.

I have attached the running config and a basic diagram of the test setup if someone could tell me where I am going wrong I would be grateful.

Hall of Fame Super Blue

Re: PIX 501 Rule Config


I can't view the diagram (perhaps post as .jpg/.png) but from the config i am confused.

Your 2 pc's are

name TestPC

name TestPC2

your pix interfaces are

ip address outside

ip address inside

so both your PC's are on the same network ie. 192.168.1.x. So they will not go through the pix to communicate with each other. If you have physically set it up so one PC is connected to the outside of the pix and the other to the inside then this will never work with your current setup.

You have applied this acl to your outside interface -

access-list outside_access_in permit tcp host TestPC2 host TestPC eq 3389

but TESTPC2 is not in the 192.168.0.x network that the outside interface is in.

Perhaps you could clarify the layout ie. post a .jpg/.png and the IP address of TESTPC2 ?


New Member

Re: PIX 501 Rule Config

Hi Jon,

Thankis for the quick reply,

I had to assign the to outside interface as the ouside and inside interface cannot have an address in the same IP range.

To complete the test I need to have connect to via the firewall using an ACl rule.


New Member

Re: PIX 501 Rule Config

Sorry here is the correct drawing

New Member

Re: PIX 501 Rule Config

Hi Jon,

Forgetting the info from my test can you see any way to firewall traffic from the lan to the DB server also on the same lan using the PIX 501?

CreatePlease to create content