The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.
Course Of The Month
10 days, 3 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Pix 506 E Multiple Port Configuration
Posted on 2013-01-04
Experts,
I have a client who is using a pix 506e as a firewall. They are getting a new phone system and the installing company has asked them to open the following ports:
5060 – UDP/TCP
• 5004 – UDP/TCP
• 10000-10201 - UDP
I was able to set these up in the access list by using a group-object based on this article:
http://www.experts-exchange.com/Hardware/Networking_Hardware/Firewalls/Q_23210702.html
However, at the bottom of this artilce, it states I have to manually static map each of the
200 plus ports in the 10000 - 10201 range. Here is the text from the above article:
object-group service group_1 tcp-udp
port-object range 1717 1723
access-list outside_access_in permit tcp any interface outside object-group group_1
but then you need a static for every port!!!
static (inside,outside) tcp interface 1717 10.10.10.4 1717 netmask 255.255.255.255 0 0
static (inside,outside) tcp interface 1718 10.10.10.4 1718 netmask 255.255.255.255 0 0
etc
There is no way of creating 1 static mapping - for ex>
static (inside, outside) tcp interface etc ......
to list all these ports ?
Please advise.
Thanks
John
I have a client who is using a pix 506e as a firewall. They are getting a new phone system and the installing company has asked them to open the following ports:
5060 – UDP/TCP
• 5004 – UDP/TCP
• 10000-10201 - UDP
I was able to set these up in the access list by using a group-object based on this article:
http://www.experts-exchange.com/Hardware/Networking_Hardware/Firewalls/Q_23210702.html
However, at the bottom of this artilce, it states I have to manually static map each of the
200 plus ports in the 10000 - 10201 range. Here is the text from the above article:
object-group service group_1 tcp-udp
port-object range 1717 1723
access-list outside_access_in permit tcp any interface outside object-group group_1
but then you need a static for every port!!!
static (inside,outside) tcp interface 1717 10.10.10.4 1717 netmask 255.255.255.255 0 0
static (inside,outside) tcp interface 1718 10.10.10.4 1718 netmask 255.255.255.255 0 0
etc
There is no way of creating 1 static mapping - for ex>
static (inside, outside) tcp interface etc ......
to list all these ports ?
Please advise.
Thanks
John
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance.
A concise guide to the settings required on both devices
Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month10 days, 3 hours left to enroll
623 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.