«

[ahmad2005]

hi all,
iam new with pix firewalls,
so i need to open all ports (any) from ip to another ip
for example: from 10.10.2.2 to 172.16.5.5
can any one help me with the access list statement

thank u very much

[sdunn96]

access-list access_list_name extended permit tcp any any

and do that for each service....
tcp, icmp, udp, etc....

I think that should work.

[ahmad2005]

i would like to thank you for your reply
then
may be u didnt understand my question
i need to open the all ports from 10.10.2.2 to 172.16.5.5 , i mean all ports will be allowed in this traffic

in your asnwer i think (access-list access_list_name extended permit tcp any any) means that you open tcp ports from any source to any destination

[sdunn96]

Quote:

Originally Posted by ahmad2005

i would like to thank you for your reply
then
may be u didnt understand my question
i need to open the all ports from 10.10.2.2 to 172.16.5.5 , i mean all ports will be allowed in this traffic

in your asnwer i think (access-list access_list_name extended permit tcp any any) means that you open tcp ports from any source to any destination

If it is a one to one, then you can specify single hosts in the access_list.

Specify host before the first computer (source) and then specify host for the second computer (dest.)

[sdunn96]

Oh, and I would just use the keyword "ip" in the access list, disregard my earlier statment.

So something like

access-list 102 permit ip host 10.10.2.2 host 172.16.5.5