Ok I have been through every thread on this forum and have found this same question posed several times but no answers seem to work for what I have currently and I never saw anyone say "Hey that worked" so I am posting it again......I know how to do port redirection on a static route on the PIX 501 or at least in theory how to do it(209.x.x.x being the outside interface and 10.x.x.x being the inside:
What I do not understand is how to do this if you are pulling your ip via DHCP from the outside. Or with PIX 501 out of box config. How do you setup this whole sequence without giving an outside interface IP but rather just the outside interface as your point of exit and entry, then have that redirected to the inside machine of choice. The problem with the above sequence is once every 2 weeks or so my ISP changes my DHCP address so even if I do get it going with the above commands I would have to revert back to using dhcp setrout and then re-enter the configs again with the new IP. I would just like to start off by getting FTP running on an inside machine and having it accessible from the outside world. I am running Cisco PIX Firewall Version 6.1(2). Any help would be greatly appreciated. Thanks.
If I understand you correct, and to keep it simple :
Users on the outside are not able to connenct to your FTP because the outside address of the PIX changes from time to time..???
Assuming I got this correct, and also assumng that the outside interface allocates it address with some kind of DHCP, the 6.2 version (I know you are running 6.1, so you might have to upgrade) supports in the STATIC statement a reference to a dynamic IP address. So in your case I guess this would do the trick:
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...