Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Pix firewall Static access

Posted on 2003-03-10
7
Medium Priority
?
169 Views
Last Modified: 2013-11-16
Hi,

I have got cisco PIX 515 with 6 interface ,IOS 6.1(4).
inside address is 10.160.21.3, one of the dmz Address is 172.17.9.1 connected to router (R3)172.17.9.3
network 10.35.160.X is behind  Router R3. I want to allow one of the server (10.35.160.5) from 10.35.160.X network to access my inside network (10.160.21.X).
How should i configure my static and access list.

thanks,
0
Comment
Question by:rijujohn
  • 4
4 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 160 total points
ID: 8102757
I would first exempt this server from nat, then make sure there is a route to it, and create an acl inbound on the dmz

!
access-list NO_NAT permit ip 10.160.21.0 255.255.255.0 host 10.35.160.5
!
nat(inside) 0 access-list NO_NAT
!
route dmz 10.35.160.0 255.255.255.0 172.17.9.3
!
access-list dmz_permit permit ip host 10.35.160.5 10.160.21.0 255.255.255.0
!

That should just about do it.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8102762
Oops, forgot to apply the dmz acl:
!
access-group dmz_permit in interface dmz
!

0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8112687
G'day, rijujohn, there has not been any activity on this question in 1 days.
Do you still need assistance, need more information, or have you solved your problem? Can you close
out this question?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12487254
I should get credit for this question.

Thanks, Luc!
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like me and like multiple layers of protection, read on!
Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question