how to open UDP port 123

I have a PIX-501
i know enough to be stupid and i only know how to modify it via the JAVA App

i am trying to open UDP port 123 to allow all in and out traffic to anything on my lan

is this possible or do i have to forward to a certain IP?

I thought i could
configuration->accessRule

add a new rule

action = permit
source is outside (ip address of 0.0.0.0 and a mask 0f 0.0.0.0 )
destination inside (ip address of 0.0.0.0 and a mask 0f 0.0.0.0 )

protocol UDP
source and dest port both 123

so is this correct?

thanks
pariesAsked:
Who is Participating?
 
MikeKaneConnect With a Mentor Commented:
With all ASA firewalls, each interface is given a security level.  Outside is the lowest at 0, Inside is the highest at 100.  

Traffic can not move from a lower security interface to a higher security interface without a STATIC NAT or a PORT FORWARD along with an access list.  

Now if you have NTP traffic moving from an inside host to an outside host on port 123, then the outbound traffic is fine and the return traffic on the same session is allowed.   All you need is an outbound NAT using the global command.  

0
 
jerrygomezdotcomCommented:
MIKE KANE!!  I need your help!!  MY vpn is messed up!! PLZ Help me!!  

http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/VPN/Q_25754171.html

I am sure if you look at my last POST with the configs you can tell me whats wrong?  I appreciate it!!
0
All Courses

From novice to tech pro — start learning today.