Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Pix 550- adding rule

I have a pix 550 (6.3). I need to nat a server on my lan to the internet. The server ip 192.168.1.3 needs to be natted to 65.333.333.3 and be allowed www access only.

Need assistance with the configuration rules I need to allow on pix.

2 REPLIES

Re: Pix 550- adding rule

try

static (inside,outside) 65.333.333.3 192.168.1.3 netmask 255.255.255.255

access-list <> permit tcp any host 65.333.333.3 eq 80

HTH>

Bronze

Re: Pix 550- adding rule

Hi,

Your IP address is invaild as the second and thrird actet exceed 255, however I'm assuming this is just an example?

Anyway, your configuration will be.

static (inside,outside) 65.333.333.3 192.168.1.3 netmask 255.255.255.255

access-list in_on_outside permit tcp any host 65.333.333.3 eq 80

Assuming the IP 192.168.1.3 is behind the "inside" interface and also there is an ACL called "in_on_outside" attached to the outside interface (access-group command)

So please adjust these parameters to your config.

Regards

146
Views
0
Helpful
2
Replies