Solved

cisco network help

Posted on 2006-11-10
Last Modified: 2013-11-16
Hi,
I have 16 Cisco switches with management IPs:
172.16.10.2, 172.16.10.3, 172.16.10.4 and 172.16.10.5; all 4 switches connect to distribution switch 1,
and 172.16.20.2, 172.16.20.3, 172.16.20.4 and 172.16.20.5; all 4 switches connect to distribution switch 2, and so on.
I have 16 VLANs; each switch contains one VLAN: 172.16.2.1, 172.16.3.1 and so on.
Each group of 4 switches connects to a distribution switch (a layer 3 switch used for routing) with IP 172.16.10.1, 172.16.20.1, 172.16.30.1 and 172.16.40.1.
Then the 4 distribution switches connect to the core switch with IP 172.16.100.2,
then to a PIX 525 firewall, then to a Cisco 2800 router with IP 62.68.65.2.
I am using NAT on the PIX firewall.
I want to use static NAT on the PIX firewall. How can I refer to the PC with IP 172.16.14.20 so that it uses public IP 62.68.65.46? (The IP 172.16.14.20 is in VLAN 14.)
I also want to open the SMTP port on the PIX firewall,
enable telnet to the Cisco router from outside,
and deny SSH to VLAN 14.

Thanks
0
Question by:nasemabdullaa
4 Comments
 
LVL 10

Accepted Solution

by:
srgilani earned 2000 total points
ID: 17919840
>>I want to use static NAT on the PIX firewall. How can I refer to the PC with IP 172.16.14.20 so that it uses public IP 62.68.65.46? (The IP 172.16.14.20 is in VLAN 14.)

nameif ethernet3 dmz security50
ip address dmz  62.68.65.54 <this ip subnet mask>

Your PC's LAN card and the PIX interface should be in the same VLAN.


>>I also want to open the SMTP port on the PIX firewall
>>and deny SSH to VLAN 14


access-list inbound permit tcp any any eq 25
access-list inbound deny tcp any any eq 22
access-list inbound permit ip any any

access-group inbound in interface outside



>>and enable telnet to the Cisco router from outside

config terminal
line vty 0 4
login
! password for telnet
password <your password>


0
 

Author Comment

by:nasemabdullaa
ID: 17920315
Hi srgilani,
Thanks for your reply.
I do not want to use a DMZ network.
Can I use another way without changing the cable connected to my switch? I cannot do that because it is a long distance from the PIX firewall to the switch (floor 12 to floor 1), more than 400m.

Thanks
0
 
LVL 10

Expert Comment

by:srgilani
ID: 17928058
Another way is static NATing, which will map the external IP to your internal IP.
0
 

Author Comment

by:nasemabdullaa
ID: 17929950
Thanks srgilani,
it works.
0
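
The static NAT approach suggested in the thread, written out as an added example (not posted by either participant), next to the ACL from the accepted answer for comparison. It assumes PIX 6.x syntax, an inside interface named "inside", and that SMTP is meant for the host 172.16.14.20; the addresses and the "outside" interface name come from the thread.

```cisco
: --- ACL as posted in the thread: after the SMTP and SSH lines,
: --- the last entry allows all other inbound traffic
: access-list inbound permit tcp any any eq 25
: access-list inbound deny tcp any any eq 22
: access-list inbound permit ip any any

: --- Narrowed version (added example) ---
: One-to-one static NAT: 172.16.14.20 (VLAN 14) is published as 62.68.65.46.
: "inside" is an assumed interface name.
static (inside,outside) 62.68.65.46 172.16.14.20 netmask 255.255.255.255

: On PIX 6.x the outside ACL matches the translated (public) address.
access-list inbound permit tcp any host 62.68.65.46 eq smtp
: Explicit deny is redundant with the implicit deny, but gives a hit counter for SSH attempts.
access-list inbound deny tcp any host 62.68.65.46 eq 22
: No trailing "permit ip any any": the implicit deny at the end of the ACL
: drops all other inbound traffic.
access-group inbound in interface outside

: Flush existing translations so the new static takes effect, then verify.
clear xlate
show xlate
show access-list inbound
```

The hit counters in `show access-list inbound` show which entries inbound traffic is matching, which confirms that SMTP reaches the static and that SSH attempts are being dropped.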
