Link to home
Start Free TrialLog in
Avatar of jbatavier
jbatavier

asked on

Pix 506 port forwarding

Hi,

At a customer site I have a sbs 2003 server, ip adress: 192.168.72.25
The IT company before us added the config to the Cisco Pix 503.
Port 25 and 3389 are forwarded to the SBS server.

Now I'm configuring a terminal server with ip adress: 192.168.72.26 with port 3390 opened for RDP traffic.

I've tried to enter the following config to the CISCO:

static (inside,outside) tcp 1.1.1.1 3390 192.168.72.26 3390 netmask 255.255.255.255 0 0

When I do that i receive the following error:

 ERROR: duplicate of existing static

    from inside:sbs2003  outside:193.172.182.67 netmask 255.255.255.255
Usage:      [no] static [(real_ifc, mapped_ifc)]
            {<mapped_ip>|interface}
            {<real_ip> [netmask <mask>]} | {access-list <acl_name>}
            [dns] [norandomseq] [<max_conns> [<emb_lim>]]
      [no] static [(real_ifc, mapped_ifc)] {tcp|udp}
            {<mapped_ip>|interface} <mapped_port>
            {<real_ip> <real_port> [netmask <mask>]} |
            {access-list <acl_name>}
            [dns] [norandomseq] [<max_conns> [<emb_lim>]]

Please help
Avatar of wingatesl
wingatesl
Flag of United States of America image
It looks like port 3390 is already opened to the SBS2003 Server. You will also need to correct your static.
You have this
static (inside,outside) tcp 1.1.1.1 3390 192.168.72.26 3390 netmask 255.255.255.255 0 0
                                                                                       ^^^^This should be the real inside port for RDP (3389)
I would just use 3391, This static will forward it to 3389 on the server
static (inside,outside) tcp 1.1.1.1 3391 192.168.72.26 3389 netmask 255.255.255.255 0 0
ASKER CERTIFIED SOLUTION
Avatar of sarangk_14
sarangk_14
Flag of India image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial