?
Solved

Pix firewall Static access

Posted on 2003-03-10
7
Medium Priority
?
165 Views
Last Modified: 2013-11-16
Hi,

I have got cisco PIX 515 with 6 interface ,IOS 6.1(4).
inside address is 10.160.21.3, one of the dmz Address is 172.17.9.1 connected to router (R3)172.17.9.3
network 10.35.160.X is behind  Router R3. I want to allow one of the server (10.35.160.5) from 10.35.160.X network to access my inside network (10.160.21.X).
How should i configure my static and access list.

thanks,
0
Comment
Question by:rijujohn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
7 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 160 total points
ID: 8102757
I would first exempt this server from nat, then make sure there is a route to it, and create an acl inbound on the dmz

!
access-list NO_NAT permit ip 10.160.21.0 255.255.255.0 host 10.35.160.5
!
nat(inside) 0 access-list NO_NAT
!
route dmz 10.35.160.0 255.255.255.0 172.17.9.3
!
access-list dmz_permit permit ip host 10.35.160.5 10.160.21.0 255.255.255.0
!

That should just about do it.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8102762
Oops, forgot to apply the dmz acl:
!
access-group dmz_permit in interface dmz
!

0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8112687
G'day, rijujohn, there has not been any activity on this question in 1 days.
Do you still need assistance, need more information, or have you solved your problem? Can you close
out this question?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12487254
I should get credit for this question.

Thanks, Luc!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
A look at what happened in the Verizon cloud breach.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question