Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX 501 - Access List and Static access to server with DHCP address

Hello.

I have Pix 501 with 6.3 IOS code. My ISP changed and I lost my static IP address. I now am DHCP for my outside address but I was told I will always get the same IP address, 128.177.229.66. I need to setup my access-list and static for inside and outside but having no luck. I only need access to ftp and www so I can lock it down for the access requests.

If I put in a static for inside and outside to the outside address I get from the ISP, the pix quits responding. I know I am missing something simple.

Is there a way to put in static command for the interface?

1 REPLY

Re: PIX 501 - Access List and Static access to server with DHCP

Brett,

Yes, you can configure the static command to use the outside interface as follows. This config would redirect www/ftp traffic destined to your outside interface address to your internal server(s).

static (inside,outside) tcp interface www www netmask 255.255.255.255

static (inside,outside) tcp interface ftp www netmask 255.255.255.255

access-list outside_access_in extended permit tcp any interface outside eq www

access-list outside_access_in extended permit tcp any interface outside eq ftp

access-group outside_access_in in interface outside

HTH

Sundar

102
Views
0
Helpful
1
Replies
CreatePlease to create content