• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 320
  • Last Modified:

Pix 501 Port Fowarding

How do i foward ports on my pix 501?

i've been reading here, and i tried:

static (inside,outside) tcp A.A.A.A 7000 B.B.B.B 7000 netmask 255.255.255.255
static (inside,outside) tcp A.A.A.A 443 B.B.B.B 443 netmask 255.255.255.255

access-list outside_in permit tcp any host A.A.A.A eq 7000
access-list outside_in permit tcp any host A.A.A.A eq 443

where A.A.A.A is the outside IP of the pix, and B.B.B.B is the inside ip address of the server.

i also used:

access-group outside_in in interface outside

to apply the access list.

however, when i test for connectivity:

dan@server [~]# telnet A.A.A.A 7000
Trying A.A.A.A...
telnet: Unable to connect to remote host: Connection refused

the server i attempted to connect from is an unfirewalled server on an unrelated network.


0
Daenks
Asked:
Daenks
1 Solution
 
stressedout2004Commented:
The first thing that you need to do is make sure that the services you want are working locally.
So you need to test telnet on 7000 and https from your own local network to verify that they are working.
If they are working locally, but not externally, then try making the following changes:

1) remove all the static and access-list you have configured.

2) replaced them with the following:

static (inside,outside) tcp interface 7000 B.B.B.B 7000 netmask 255.255.255.255
static (inside,outside) tcp interface 443 B.B.B.B 443 netmask 255.255.255.255
access-list acl_out permit tcp any interface outside eq 7000
access-list acl_out permit tcp any interface outside eq 443
access-group acl_out in interface outside
clear xlate

In most cases, you need to use the word "interface" on the static port redirection in place of the PIX actual
outside IP address or otherwise it will not work.

Try it and let us know.

0
 
DaenksAuthor Commented:
thanks :)
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now