Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Highlighted
New Member

pix 7.1 outside to inside access

Hi,

I need configuration help for PIX 525 with PIX OS 7.1

My scenario is like this:

Firewall inside network 192.168.1.0 /24

Firewall inside interface IP 192.168.1.1

Firewall outside network 192.168.2.0/24

Firewall outside interface IP 192.168.2.1

I have to permit hosts 192.168.2.11 to 20 to access anything in the inside network.

Can somebody help in configuring this.

Regards

skrao

2 REPLIES
Bronze

Re: pix 7.1 outside to inside access

hi sivakondalarao,

try posting your config to better understand you setup, rest you can try this for the desired results

create an access-list and apply it to your outside interface

"access-list acl_out permit tcp any host 192.168.2.11"

apply to interface

"access-group acl_out in interface outside"

create a static for outside ip to commnicate with inside host

"static (inside,outside) tcp 192.168.2.11 192.168.1.x netmask 255.255.255.255"

also create an access-list and apply it to our inside interface

"access-list acl_inside permit ip any any"

apply to interface

"access-group acl_inside in interface inside"

hope this helps

Re: pix 7.1 outside to inside access

Hi can can:

1.- Create a static translation for all the internal hosts

static (inside,outside) 192.168.1.0 192.168.1.0 netmask 255.255.255.0

2.- Create an access-list for the outside network to initiate traffic to the inside hosts

access-list Outside_In extended permit ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0

access-group Outside_In in interface Outside

3.- make sure your access-list applied to the Internal interface allow outbound traffic i.e

access-list Inside_Out extended permit ip 192.168.1.0 255.255.255.0 any

access-group Inside_Out in interface Inside

I hope it helps ... please rate it if it does

104
Views
5
Helpful
2
Replies
CreatePlease login to create content