PIX 506 forwarding telnet port to home lab

Discussion in 'Cisco' started by boxers999, Apr 25, 2007.

  1. boxers999

    boxers999 Guest

    I have been lucky enough to have been given a Pix 506. Im trying to
    open the telnet port (from any external IP) to allow access to my home
    lab. Im only on my CCNA 2 at the moment and just starting on ACL's. I
    think the problem is the static route's netmask which wont accept
    255.255.255.0.

    Any pointers would be great !

    This is what I have on the pix at the moment:-

    My 2511 router is on 192.168.1.111 !

    access-list 101 permit tcp any host 192.168.1.111 eq telnet
    pager lines 24
    mtu outside 1500
    mtu inside 1500
    ip address outside pppoe setroute
    ip address inside 192.168.1.3 255.255.255.0
    ip audit info action alarm
    ip audit attack action alarm
    pdm logging informational 100
    pdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 1 0.0.0.0 0.0.0.0 0 0
    static (inside,outside) tcp 0.0.0.0 telnet 192.168.1.111 telnet
    netmask 255.255.255.255 0 0
    access-group 101 in interface outside
    boxers999, Apr 25, 2007
    #1
    1. Advertising

  2. "boxers999" <> wrote:

    >I have been lucky enough to have been given a Pix 506. Im trying to
    > open the telnet port (from any external IP) to allow access to my home
    > lab. Im only on my CCNA 2 at the moment and just starting on ACL's. I
    > think the problem is the static route's netmask which wont accept
    > 255.255.255.0.
    >
    > Any pointers would be great !
    >
    > This is what I have on the pix at the moment:-
    >
    > My 2511 router is on 192.168.1.111 !
    >
    > access-list 101 permit tcp any host 192.168.1.111 eq telnet
    > pager lines 24
    > mtu outside 1500
    > mtu inside 1500
    > ip address outside pppoe setroute
    > ip address inside 192.168.1.3 255.255.255.0
    > ip audit info action alarm
    > ip audit attack action alarm
    > pdm logging informational 100
    > pdm history enable
    > arp timeout 14400
    > global (outside) 1 interface
    > nat (inside) 1 0.0.0.0 0.0.0.0 0 0
    > static (inside,outside) tcp 0.0.0.0 telnet 192.168.1.111 telnet
    > netmask 255.255.255.255 0 0
    > access-group 101 in interface outside


    access-list 101 permit tcp any interface outside eq telnet

    http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/ab.htm#wp1067755

    static (inside,outside) tcp interface telnet 192.168.1.111 telnet

    http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/s.htm#wp1026694
    Jyri Korhonen, Apr 25, 2007
    #2
    1. Advertising

  3. boxers999

    boxers999 Guest

    On 25 Apr, 10:40, "Jyri Korhonen" <>
    wrote:
    > "boxers999" <> wrote:
    > >I have been lucky enough to have been given a Pix 506. Im trying to
    > > open the telnet port (from any external IP) to allow access to my home
    > > lab. Im only on my CCNA 2 at the moment and just starting on ACL's. I
    > > think the problem is the static route's netmask which wont accept
    > > 255.255.255.0.

    >
    > > Any pointers would be great !

    >
    > > This is what I have on the pix at the moment:-

    >
    > > My 2511 router is on 192.168.1.111 !

    >
    > > access-list 101 permit tcp any host 192.168.1.111 eq telnet
    > > pager lines 24
    > > mtu outside 1500
    > > mtu inside 1500
    > > ip address outside pppoe setroute
    > > ip address inside 192.168.1.3 255.255.255.0
    > > ip audit info action alarm
    > > ip audit attack action alarm
    > > pdm logging informational 100
    > > pdm history enable
    > > arp timeout 14400
    > > global (outside) 1 interface
    > > nat (inside) 1 0.0.0.0 0.0.0.0 0 0
    > > static (inside,outside) tcp 0.0.0.0 telnet 192.168.1.111 telnet
    > > netmask 255.255.255.255 0 0
    > > access-group 101 in interface outside

    >
    > access-list 101 permit tcp any interface outside eq telnet
    >
    > http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63...
    >
    > static (inside,outside) tcp interface telnet 192.168.1.111 telnet
    >
    > http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63...


    Perfect ! Thanks, its now working a treat.
    boxers999, Apr 26, 2007
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. lfnetworking

    pix 506 logical port support

    lfnetworking, Mar 18, 2006, in forum: Cisco
    Replies:
    1
    Views:
    399
    Walter Roberson
    Mar 18, 2006
  2. Jack B. Pollack
    Replies:
    4
    Views:
    1,225
    Zaltor
    Jul 24, 2003
  3. boxers999
    Replies:
    2
    Views:
    334
    Walter Roberson
    Apr 28, 2007
  4. ToyalP2
    Replies:
    7
    Views:
    1,515
    ToyalP2
    Jan 7, 2008
  5. Chris Roberts
    Replies:
    6
    Views:
    1,849
    Martin Gallagher
    Jul 23, 2011
Loading...

Share This Page