jbatavier
asked on
Pix 506 port forwarding
Hi,
At a customer site I have a sbs 2003 server, ip adress: 192.168.72.25
The IT company before us added the config to the Cisco Pix 503.
Port 25 and 3389 are forwarded to the SBS server.
Now I'm configuring a terminal server with ip adress: 192.168.72.26 with port 3390 opened for RDP traffic.
I've tried to enter the following config to the CISCO:
static (inside,outside) tcp 1.1.1.1 3390 192.168.72.26 3390 netmask 255.255.255.255 0 0
When I do that i receive the following error:
ERROR: duplicate of existing static
from inside:sbs2003 outside:193.172.182.67 netmask 255.255.255.255
Usage: [no] static [(real_ifc, mapped_ifc)]
{<mapped_ip>|interface}
{<real_ip> [netmask <mask>]} | {access-list <acl_name>}
[dns] [norandomseq] [<max_conns> [<emb_lim>]]
[no] static [(real_ifc, mapped_ifc)] {tcp|udp}
{<mapped_ip>|interface} <mapped_port>
{<real_ip> <real_port> [netmask <mask>]} |
{access-list <acl_name>}
[dns] [norandomseq] [<max_conns> [<emb_lim>]]
Please help
At a customer site I have a sbs 2003 server, ip adress: 192.168.72.25
The IT company before us added the config to the Cisco Pix 503.
Port 25 and 3389 are forwarded to the SBS server.
Now I'm configuring a terminal server with ip adress: 192.168.72.26 with port 3390 opened for RDP traffic.
I've tried to enter the following config to the CISCO:
static (inside,outside) tcp 1.1.1.1 3390 192.168.72.26 3390 netmask 255.255.255.255 0 0
When I do that i receive the following error:
ERROR: duplicate of existing static
from inside:sbs2003 outside:193.172.182.67 netmask 255.255.255.255
Usage: [no] static [(real_ifc, mapped_ifc)]
{<mapped_ip>|interface}
{<real_ip> [netmask <mask>]} | {access-list <acl_name>}
[dns] [norandomseq] [<max_conns> [<emb_lim>]]
[no] static [(real_ifc, mapped_ifc)] {tcp|udp}
{<mapped_ip>|interface} <mapped_port>
{<real_ip> <real_port> [netmask <mask>]} |
{access-list <acl_name>}
[dns] [norandomseq] [<max_conns> [<emb_lim>]]
Please help
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You have this
static (inside,outside) tcp 1.1.1.1 3390 192.168.72.26 3390 netmask 255.255.255.255 0 0
^^^^This should be the real inside port for RDP (3389)
I would just use 3391, This static will forward it to 3389 on the server
static (inside,outside) tcp 1.1.1.1 3391 192.168.72.26 3389 netmask 255.255.255.255 0 0