Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 570
  • Last Modified:

Setting up FTP and RDP behind a pix

Hello everyone, I've gotten my pix 501 in the mail, and would like to setup an FTP site behind it, as well as all RDP to pass to my desktop.

I used the cisco device configurator thing and added some access rules
source - any
destination - my 192 local address
interface - outside
service - ftp

but I still can't connect!

Anyone know how to do port forwarding on these things?  command line would be great

2 Solutions
Here's an example configuration to use the PIX outside IP address for port redirection allowing RDP and FTP:

Just replace the 192.x.x.x with the actual IP address of the PC you want to be able to connect to.

static (inside,outside) tcp interface 3389 192.x.x.x 3389 netmask
static (inside,outside) tcp interface ftp 192.x.x.x ftp netmask
static (inside,outside) tcp interface ftp-data 192.x.x.x ftp-data netmask

access-list acl_out permit tcp any interface outside eq 3389
access-list acl_out permit tcp any interface outside eq ftp
access-list acl_out permit tcp any interface outside eq ftp-data
access-group acl_out in interface outside
Also be sure to run the following anytime you add/modify/remove any NAT entries (static or otherwise):
  clear xlate

terrymasonAuthor Commented:
thanks guys, worked perfectly!


Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now