Solved

How to configure a static map on a Cisco PIX

Posted on 2006-11-15
1
270 Views
Last Modified: 2013-11-16
We have a T-1 line coming into a Cisco Router.  The router is set to allow all trafic from the WAN to its LAN port and only performs NAT.  The LAN port on the Router is 192.168.1.10.  Connected to the LAN port on the router is a Cisco PIX firewalll and its WAN IP address is 192.168.1.5.  The LAN port on the PIX connects to our local network and has an IP address of 192.168.6.1.

Router - Connected to the T-1
WAN Port (Public IP address)
LAN Port (192.168.1.10)

PIX - Connected to the LAN port on the Router
WAN Port (192.168.1.5)
LAN Port (192.168.6.1)

Server - Connected to the local network via a switch
LAN Port (192.168.6.220)

I need to know how to program the PIX so that I can have it direct all port 443 traffic that comes into our public IP address to 192.168.6.220 on the local network.  Essentially I just need allow my server to be accessible as a web server from the internet.  How do I do this with the PIX?

THANKS!!
0
Comment
Question by:doulos777
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 17951312
Easy enough:

static (inside,outside) tcp interface https 192.168.6.220 https dns netmask 255.255.255.255
access-list outside_access_in permit tcp any interface outside eq https
access-group outside_access_in in interface outside

0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question