In article <dwpxc.21376$ m>,
JJ <> wrote:
:I inherited a Pix 506 and have a need to have a user (from a FIX IP) -
:telnet through PIX to a specific server on my network
How many public IP addresses do you have available? If you only have
one public IP (e.g., because you are using DHCP on a cable modem), then
due to a special case in the PIX, you cannot do what you want unless
a VPN tunnel is configured.
If you have a second public IP address, say 12.13.14.15, and the
server is 192.168.16.17 and the user's IP is 19.20.21.22 then you
can configure
static (inside, outside) 12.13.14.15 192.168.16.17 netmask 255.255.255.255 0 0
access-list out2in permit tcp host 19.20.21.22 host 12.13.14.15 eq telnet
access-group out2in in interface outside
However, this does risk overriding configurations that have carefully
be made previously, so you should "show run" and study the
configuration first.
If you are very new to the PIX, you might want to try
https:// followed by the inside IP address of the PIX. That should
allow you to log in to a GUI interface for controlling the PIX,
provided you have the appropriate passwords.
--
Cottleston, Cottleston, Cottleston pie.
A bird can't whistle and neither can I. -- Pooh
|
Similar Threads
