PIX access list

>> I want to create an access list in my pix firewll ( 520) that will allow one internal machine...

I am not sure on what you are looking for;

If you trying to allow connection to your Server from only a single host from outside world then this is how it should be done (Don't delete the static)

static (inside,outside) <PublicIPOfServer> <PrivateIP> netmask 255.255.255.255

The above line should already be there in your config and your access-list should look like;

access-list ToServer permit host <PublicExternalMachineIP> host <PublicIPOfServer>

access-list ToServer in interface outside

Cheers,
Rajesh

I want the access list to be from inside to outside so I think it has to be in my inside inside interface?

Thanks

Now I don't understand at all. If you are trying to make a U-turn at the PIX with one internal machine connecting to another internal machine which is natted to a public ip at the PIX, it is not possible for 6.x versions.

Can you describe more on what you are trying to accomplish?

Cheers,
Rajesh

I need to allow computer 1 ( located in my internal network) to be able to connect to computer 2( which has a public IP) without giving a static in my pix, I need to do it using access list.


Thanks for help

Ibmas4002,

  Why don't you mention it clearly? Is this computer 2 in the same internal network? If so, it is impossible with PIX 6.x versions and in 7.0 it is allowed.

Cheers,
Rajesh