Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Will this cofiguration allow..............

PCAnywhere traffic through my PIX 501 to natted PCs on the LAN with ip addresses of 192.168.1.38 and 192.168.1.39?

access-list 200 permit tcp any host ooo.ooo.ooo.ooo eq 5631

access-list 200 permit tcp any host ooo.ooo.ooo.ooo eq 5632

static (inside,outside) tcp interface 5631 192.168.1.39 5631 netmask 255.255.255.255 0 20

static (inside,outside) tcp interface 5631 192.168.1.39 5631 netmask 255.255.255.255 0 20

access-group 200 in interface outside

access-list 200 permit tcp any host ooo.ooo.ooo.ooo eq 5631

access-list 200 permit tcp any host ooo.ooo.ooo.ooo eq 5632

static (inside,outside) tcp interface 5631 192.168.1.38 5631 netmask 255.255.255.255 0 20

static (inside,outside) tcp interface 5631 192.168.1.38 5631 netmask 255.255.255.255 0 20

access-group 200 in interface outside

ooo.ooo.ooo.ooo is the outside address of the PIX

Any help would be great!!!

1 REPLY
New Member

Re: Will this cofiguration allow..............

The same port redirection cannot be used to two different hosts on inside.

one could be set to receive port 5631 and the other to receive 5632

access-list 200 permit tcp any host ooo.ooo.ooo.ooo eq 5631

access-list 200 permit tcp any host ooo.ooo.ooo.ooo eq 5632

static (inside,outside) tcp interface 5631 192.168.1.39 5631 netmask 255.255.255.255 0 20

static (inside,outside) tcp interface 5632 192.168.1.38 5632 netmask 255.255.255.255 0

access-group 200 in interface outside

275
Views
0
Helpful
1
Replies