Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

open port range

I have an 1841 with IOS 12.4 connected to an isp with a single subnet - I am trying to create and access list for IP phone access to a single internal IP on ports:

5566 tcp

5567 udp

6004-7039 udp

I can nat the first two with static entries but I cannot seem to get the port range to work?

Thank you in advance for any help

1 REPLY
Silver

Re: open port range

In order to open certain range of TCP or UDP ports on PIX, use the service object group and define it in an ACL or conduit. Refer to this configuration example:

PIX (config)#object-group service tcp

PIX(config-service)#port-object range <1-65535>

PIX (config)#object-group service udp

PIX(config-service)#port-object range <1-65535>

Bind the object-groups with access-lists:

PIX (config)#access-list permit tcp any any object-group

PIX (config)#access-list permit udp any any object-group

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00800d641d.shtml#serv

306
Views
0
Helpful
1
Replies