PIX 501 Won't Open Ports or Stealth..

Posted on 2004-12-01
Last Modified: 2012-06-27
Semi newbie here,

I've got a PIX 501 that has been running about two years now. I've added and removed items in the past but am having a problem now.

I'm trying to open:

access-list outside_access_in permit tcp any host trbus-ext eq 3495
access-list outside_access_in permit tcp any host trbus-ext eq 20001

I've got a web server & ftp running on trbus-ext and that works -- and I can't figure out how those settings are open (newbie).

Too many days trying this -- any ideas or suggestions appreciated.

Question by:jdekeyrel
Expert Comment

by:lrmoore
ID: 12719048
It depends on your static (inside,outside) settings. Do you have static maps for those two ports?

  clear xlate
  static (inside,outside) tcp trbus-ext 3495 trbus-int 3495 netmask 255.255.255.255
  static (inside,outside) tcp trbus-ext 20001 trbus-int 20001 netmask 255.255.255.255

  access-list outside_access_in permit tcp any host trbus-ext eq 3495
  access-list outside_access_in permit tcp any host trbus-ext eq 20001

Re-apply the access-list to the interface to effect the changes
  access-group outside_access_in in interface outside
0
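Added example, not part of the original thread: a small Python check of the three things the reply above lists for an inbound port on a PIX 6.x config, namely a static translation for the destination, a permit line, and an access-group binding the ACL to an interface. The sample config is constructed; `mail-ext`, `mail-int`, `dmz_in` and the function name `audit` are assumptions for illustration.

```python
import re

# Constructed sample in PIX 6.x syntax, modelled on the lines quoted in the thread.
# The www, mail-ext and dmz_in entries are assumptions added for the demonstration.
SAMPLE_CONFIG = """\
access-list outside_access_in permit tcp any host trbus-ext eq www
access-list outside_access_in permit tcp any host trbus-ext eq 3495
access-list outside_access_in permit tcp any host mail-ext eq 25
access-list outside_access_in permit tcp any host mail-ext eq 110
access-list dmz_in permit tcp any host trbus-ext eq 20001
static (inside,outside) trbus-ext trbus netmask 255.255.255.255 0 0
static (inside,outside) tcp mail-ext 25 mail-int 25 netmask 255.255.255.255
access-group outside_access_in in interface outside
"""

PERMIT = re.compile(r"^access-list (\S+) permit (tcp|udp) any host (\S+) eq (\S+)")
STATIC_PORT = re.compile(r"^static \(\w+,\w+\) (tcp|udp) (\S+) (\S+) \S+ \S+ netmask")
STATIC_HOST = re.compile(r"^static \(\w+,\w+\) (\S+) \S+ netmask")
GROUP = re.compile(r"^access-group (\S+) in interface (\S+)")

def audit(config):
    """Return {(acl, proto, host, port): [problems]} for each inbound permit line."""
    lines = [l.strip() for l in config.splitlines()]
    # ACL names that are actually bound to an interface
    bound = {m.group(1) for l in lines if (m := GROUP.match(l))}
    host_statics, port_statics = set(), set()
    for l in lines:
        if m := STATIC_PORT.match(l):      # port redirect: proto, mapped ip, mapped port
            port_statics.add(m.groups())
        elif m := STATIC_HOST.match(l):    # 1-1 static: covers every port on the mapped ip
            host_statics.add(m.group(1))
    report = {}
    for l in lines:
        if not (m := PERMIT.match(l)):
            continue
        acl, proto, host, port = m.groups()
        problems = []
        if acl not in bound:
            problems.append("acl not applied with access-group")
        # Ports are compared as written; names (www) and numbers (80) are not normalised.
        if host not in host_statics and (proto, host, port) not in port_statics:
            problems.append("no static translation for destination")
        report[(acl, proto, host, port)] = problems
    return report

if __name__ == "__main__":
    for rule, problems in audit(SAMPLE_CONFIG).items():
        print(" ".join(rule), "->", problems or "ok")
```

A clean result for a rule means the configuration prerequisites are in place, which leaves the runtime steps discussed in the thread (re-applying the access-group, `clear xlate`).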
 

Author Comment

by:jdekeyrel
ID: 12719542
Here's the only static line referencing trbus:

static (inside,outside) trbus-ext trbus netmask 255.255.255.255 0 0

Not sure what you mean with "clear xlate"

or

"Re-apply" the access-list to the interface to effect the changes
  access-group outside_access_in in interface outside

The above line is already present.  It is right after the "static" section.


Expert Comment

by:lrmoore
ID: 12719866
>The above line is already present.
Yes, that is why I said to re-apply it by putting it in again.

"clear xlate" command will clear all current dynamic nat translations in case those that you want to allow in are in use somewhere as a dynamic xlate. Since you already have a 1-1 static nat for this host, that should not be an issue.
Author Comment

by:jdekeyrel
ID: 12720185
Ok --  put this line in a SECOND TIME:

access-group outside_access_in in interface outside


THEN:

add clear xlate   -- not near 501 at the moment... use telnet or PDM - for this
Accepted Solution

by:
lrmoore earned 2000 total points
ID: 12721037
You can clear xlate from any prompt
Telnet
PIX#clear xlate
Or from PDM, Command line utility
clear xlate
   [send]
Author Comment

by:jdekeyrel
ID: 12721829
THANKS -- did the trick.    next question.....