12-17-2009 04:34 PM - edited 03-11-2019 09:49 AM
I am reaching out to you all in the hopes that one of you might be able to assist me with the configuration of a PIX 515 firewall.
Basically, I am trying to configure a PIX 515 for use with my Cox Business Internet service. They have assigned me a single static public IP address with an internal CIDR block. I was able to successfully configure it with the WAN IP address on the outside interface and the first usable IP address of the CIDR as the gateway on my inside interface, and I am able to get out to the Internet, but I can’t seem to figure out how to allow outside access into my internal CIDR network. It’s probably something really stupid that I’m missing but I can’t seem to find any examples on how to do this properly.
Thanks
Solved! Go to Solution.
12-17-2009 04:58 PM
dnpangallo wrote:
I am reaching out to you all in the hopes that one of you might be able to assist me with the configuration of a PIX 515 firewall.
Basically, I am trying to configure a PIX 515 for use with my Cox Business Internet service. They have assigned me a single static public IP address with an internal CIDR block. I was able to successfully configure it with the WAN IP address on the outside interface and the first usable IP address of the CIDR as the gateway on my inside interface, and I am able to get out to the Internet, but I can’t seem to figure out how to allow outside access into my internal CIDR network. It’s probably something really stupid that I’m missing but I can’t seem to find any examples on how to do this properly.
Thanks
To allow access from outside to inside you need 2 things
1) NAT statement
2) access-list to allow the traffic
so lets say you have an internal IP of 195.17.17.10 and you want to allow http to it
static (inside,outside) 195.17.17.10 195.17.17.10 netmask 255.255.255.255
access-list outside_in permit tcp any host 195.17.17.10 eq www
access-group outside_in in interface outside
Jon
12-17-2009 04:58 PM
dnpangallo wrote:
I am reaching out to you all in the hopes that one of you might be able to assist me with the configuration of a PIX 515 firewall.
Basically, I am trying to configure a PIX 515 for use with my Cox Business Internet service. They have assigned me a single static public IP address with an internal CIDR block. I was able to successfully configure it with the WAN IP address on the outside interface and the first usable IP address of the CIDR as the gateway on my inside interface, and I am able to get out to the Internet, but I can’t seem to figure out how to allow outside access into my internal CIDR network. It’s probably something really stupid that I’m missing but I can’t seem to find any examples on how to do this properly.
Thanks
To allow access from outside to inside you need 2 things
1) NAT statement
2) access-list to allow the traffic
so lets say you have an internal IP of 195.17.17.10 and you want to allow http to it
static (inside,outside) 195.17.17.10 195.17.17.10 netmask 255.255.255.255
access-list outside_in permit tcp any host 195.17.17.10 eq www
access-group outside_in in interface outside
Jon
12-18-2009 08:39 AM
Awesome... that did it! I was just missing the static statement. I had tried something like that earlier, but I never would have thought to use the internal IP as both the inside and outside parameters.
I really appreciate your help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide