Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Open multiple port to DMZ

How do I open for ports 1023 and above from the inside server (192.168.1.1) to the DMZ Server (192.168.2.1). And the other way for port 7205.

I have a pix 515

Best Regards

Ole Kyrstein

1 REPLY
Cisco Employee

Re: Open multiple port to DMZ

For traffic from inside -> dmz you don't need to specifically open ports, the traffic will be allowed by default. All you need is some sort of translation, either a nat/global pair or a static.

For traffic from dmz -> inside, you need a static and an ACL. The ACL would look something like:

> access-list dmzin permit tcp any host eq 7205

> access-group dmzin in interface dmz

87
Views
0
Helpful
1
Replies