pix firewall and port forwarding



I have just replace a DLink firewall on my DSL connection with a Cisco 501 PIX firewall. On the DLink we have port forwarding setup to forware "IP" protocol for port #1050 to an internal machine on our LAN (with IP address 192.168.0.114). I need to know what would be the proper way to do the same forwarding on a Cisco PIX. I see examples of things like:
static(inside,outside) tcp interface http 192.168.0.114 http netmask 255.255.255.255

and correspondingly

access-list outside_in permit tcp any interface outside eq http

but the port forwarding in my dlink said protocol is IP (0) 1050/1050.  So how does that compare to either tcp or udp?

thanks terry


Thank you for your help.

Terry
LVL 1
techbnjcompAsked:
Who is Participating?
 
lrmooreConnect With a Mentor Commented:
Let's assume that you need both tcp and udp 1050

static (inside,outside) tcp interface 1050 192.168.0.114 1050 netmask 255.255.255.255
static (inside,outside) udp interface 1050 192.168.0.114 1050 netmask 255.255.255.255
access-list outside_in permit tcp any interface outside eq 1050
access-list outside_in permit udp any interace outside eq 1050
access-group outside_in in interface outside

One you have that setup, you can use "show access-list" to see the (hitcount= ) on either the tcp or udp line.
If either one gets zero hits, but many on the other one, then we know for sure which you need and which one you can later delete from the config..
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.