troubleshooting Question

How do I allow the PIX501 to serve outbound requests from inside to outside hosts?

Avatar of vantageit
vantageit asked on
Cisco
2 Comments1 Solution339 ViewsLast Modified:
I'd like to setup a PIX501 so that it
a) allows inbound requests from outside to a inside host on port 3389 (for terminal services)
b) allows outbound requests from inside hosts to any outside hosts on ports 25 & 110 (for email)
c) blocks all other inbound and outbound requests

I've got a handle on a) by using the attached code snippet. And I'm confident of c) by setting a explicit Deny using the PDM (ie. Deny any any). But I'm sure not 100% on translating the code I used in a) to solve b).

I'd like only 192.168.1.6 on the internal network to be able to use ports 25 & 110 for sending/receiving email and deny all others on the internal network access to the outside world
static (inside,outside) tcp <public ip> 25 <private ip> 25 netmask 255.255.255.255
access-list outside_access_in permit tcp any host <public ip> eq smtp
access-group outisde_access_in in interface outside
ASKER CERTIFIED SOLUTION
batry_boy

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 2 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 2 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros