Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX 515 won't allow traffic in

I am reaching out to you all in the hopes that one of you might be able to assist me with the configuration of a PIX 515 firewall.

Basically, I am trying to configure a PIX 515 for use with my Cox Business Internet service. They have assigned me a single static public IP address with an internal CIDR block. I was able to successfully configure it with the WAN IP address on the outside interface and the first usable IP address of the CIDR as the gateway on my inside interface, and I am able to get out to the Internet, but I can’t seem to figure out how to allow outside access into my internal CIDR network. It’s probably something really stupid that I’m missing but I can’t seem to find any examples on how to do this properly.

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: PIX 515 won't allow traffic in

dnpangallo wrote:

I am reaching out to you all in the hopes that one of you might be able to assist me with the configuration of a PIX 515 firewall.

Basically, I am trying to configure a PIX 515 for use with my Cox Business Internet service. They have assigned me a single static public IP address with an internal CIDR block. I was able to successfully configure it with the WAN IP address on the outside interface and the first usable IP address of the CIDR as the gateway on my inside interface, and I am able to get out to the Internet, but I can’t seem to figure out how to allow outside access into my internal CIDR network. It’s probably something really stupid that I’m missing but I can’t seem to find any examples on how to do this properly.

Thanks

To allow access from outside to inside you need 2 things

1) NAT statement

2) access-list to allow the traffic

so lets say you have an internal IP of 195.17.17.10 and you want to allow http to it

static (inside,outside) 195.17.17.10 195.17.17.10 netmask 255.255.255.255

access-list outside_in permit tcp any host 195.17.17.10 eq www

access-group outside_in in interface outside

Jon

2 REPLIES
Hall of Fame Super Blue

Re: PIX 515 won't allow traffic in

dnpangallo wrote:

I am reaching out to you all in the hopes that one of you might be able to assist me with the configuration of a PIX 515 firewall.

Basically, I am trying to configure a PIX 515 for use with my Cox Business Internet service. They have assigned me a single static public IP address with an internal CIDR block. I was able to successfully configure it with the WAN IP address on the outside interface and the first usable IP address of the CIDR as the gateway on my inside interface, and I am able to get out to the Internet, but I can’t seem to figure out how to allow outside access into my internal CIDR network. It’s probably something really stupid that I’m missing but I can’t seem to find any examples on how to do this properly.

Thanks

To allow access from outside to inside you need 2 things

1) NAT statement

2) access-list to allow the traffic

so lets say you have an internal IP of 195.17.17.10 and you want to allow http to it

static (inside,outside) 195.17.17.10 195.17.17.10 netmask 255.255.255.255

access-list outside_in permit tcp any host 195.17.17.10 eq www

access-group outside_in in interface outside

Jon

New Member

Re: PIX 515 won't allow traffic in

Awesome... that did it! I was just missing the static statement. I had tried something like that earlier, but I never would have thought to use the internal IP as both the inside and outside parameters.

I really appreciate your help.

329
Views
0
Helpful
2
Replies