Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Cofiguring PIX 515E

Reply
Thread Tools

Cofiguring PIX 515E

 
 
mattyp73@hotmail.com
Guest
Posts: n/a
 
      11-14-2005
Cisco PIX515E which I need to configure to allow traffic to a new
server on an internal IP address using ports 80, 25 and 21... I have a
dedicated external IP address and a dedicated Internal IP address for
the server... the PIX firewall already is set up... and doing its job..
what is the command line which needs to be inserted to allow this?

 
Reply With Quote
 
 
 
 
Jyri Korhonen
Guest
Posts: n/a
 
      11-14-2005
<(E-Mail Removed)> wrote:

> Cisco PIX515E which I need to configure to allow traffic to a new
> server on an internal IP address using ports 80, 25 and 21... I have a
> dedicated external IP address and a dedicated Internal IP address for
> the server... the PIX firewall already is set up... and doing its job..
> what is the command line which needs to be inserted to allow this?


Probably:

http://www.cisco.com/univercd/cc/td/....htm#wp1026694

and

http://www.cisco.com/univercd/cc/td/....htm#wp1067755

 
Reply With Quote
 
 
 
 
Gary
Guest
Posts: n/a
 
      11-15-2005

"Jyri Korhonen" <(E-Mail Removed)> wrote in message
news:dla4jq$338$(E-Mail Removed)...
> <(E-Mail Removed)> wrote:
>
>> Cisco PIX515E which I need to configure to allow traffic to a new
>> server on an internal IP address using ports 80, 25 and 21... I have a
>> dedicated external IP address and a dedicated Internal IP address for
>> the server... the PIX firewall already is set up... and doing its job..
>> what is the command line which needs to be inserted to allow this?

>
> Probably:
>
> http://www.cisco.com/univercd/cc/td/....htm#wp1026694
>
> and
>
> http://www.cisco.com/univercd/cc/td/....htm#wp1067755
>



Not sure what OS you are using but this works for us.

object-group service PublicPorts tcp
port-object eq smtp
port-object eq telnet
port-object eq www
port-object eq ftp

If this fails ACL will simply be line by line for every port allowed.

Your outside ACL will need something like this, but will need to be
integrated into existing ACL
access-list outside_acl permit tcp any object-group PublicPorts

Then just map the IP through.
static (inside,outside) <public IP here> <private IP here> netmask <Private
Subnet Here>

That is pretty much it.

G


 
Reply With Quote
 
Anton van der Leun
Guest
Posts: n/a
 
      11-17-2005
Hello,

you need something like this :

access-list outside_in permit any host public-ip-address eq 80
access-list outside_in permit any host public-ip-address eq 25
access-list outside_in permit any host public-ip-address eq 21

access-group outside_in in interface outside

static (inside1,outside) public-ip-address inside-ip-address netmask
255.255.255.255 768 1024

assuming that you don't have an access-list now on the outside


after implementing :
either reload the pix
or
issue command : clear xlate

then it should work...

Anton


http://www.velocityreviews.com/forums/(E-Mail Removed) wrote:
> Cisco PIX515E which I need to configure to allow traffic to a new
> server on an internal IP address using ports 80, 25 and 21... I have a
> dedicated external IP address and a dedicated Internal IP address for
> the server... the PIX firewall already is set up... and doing its job..
> what is the command line which needs to be inserted to allow this?
>

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: Cofiguring ASA 5505: Static IP, DNS, Gateway Mark Huizer Cisco 0 03-05-2010 10:20 PM
PIX 515 to PIX 515e not passing traffic Scott Townsend Cisco 6 05-25-2006 11:03 AM
Cisco System PIX 515E - Memory and PIX OS upgrade Speed3ple Cisco 0 04-04-2006 10:24 AM
Cisco PIX 6.1 (4) - Model PIX 515E Romeo Cisco 1 03-20-2006 03:26 PM
Replacing a PIX 515E with a PIX 515 Dustin Cisco 3 11-08-2005 11:06 PM



Advertisments