PIX static translation; port redirection

Discussion in 'Cisco' started by gringo2, Sep 15, 2004.

  1. gringo2

    gringo2 Guest

    Please help.

    I am working with a PIX 515 (6.3). I have setup port redirection via
    static translation to have telnet access from the outside interface
    come in on an unassigned port and then redirected to 23. Example:

    static (inside,outside) tcp 192.168.1.1 45000 10.10.10.1 23 netmask
    255.255.255.0 0 0

    Although this allows access to the device on port 23, it appears to
    prohibit all other communication. I would like to have traffic coming
    to the device on port 45000 redirected to port 23 while maintaining
    the other tcp, udp and IP services. The associated access-list allows
    for full IP connectivity.

    If anyone here can advise me in this matter I would greatly appreciate
    it. I have exhausted my own pool of know-how (as I often do) and now
    hope that someone here can help me.

    Thank you.
     
    gringo2, Sep 15, 2004
    #1
    1. Advertising

  2. "gringo2" <> wrote in message
    news:...

    > static (inside,outside) tcp 192.168.1.1 45000 10.10.10.1 23 netmask
    > 255.255.255.0 0 0
    >
    > Although this allows access to the device on port 23, it appears to
    > prohibit all other communication.


    Try change the netmask to 255.255.255.255

    HTH
    Martin Bilgrav
     
    Martin Bilgrav, Sep 15, 2004
    #2
    1. Advertising

  3. gringo2

    gringo2 Guest

    "Martin Bilgrav" <> wrote in message news:<zD12d.49138$>...
    > "gringo2" <> wrote in message
    > news:...
    >
    > > static (inside,outside) tcp 192.168.1.1 45000 10.10.10.1 23 netmask
    > > 255.255.255.0 0 0
    > >
    > > Although this allows access to the device on port 23, it appears to
    > > prohibit all other communication.

    >
    > Try change the netmask to 255.255.255.255
    >
    > HTH
    > Martin Bilgrav


    Excuse my mistake, I am actually using the 255.255.255.255 subnet
    mask. So that it is a one to one translation.

    Thank you for the suggestion though.
     
    gringo2, Sep 17, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Memnoch
    Replies:
    0
    Views:
    549
    Memnoch
    Jul 17, 2003
  2. staalejg
    Replies:
    1
    Views:
    542
    Walter Roberson
    Jul 17, 2003
  3. staalejg
    Replies:
    0
    Views:
    495
    staalejg
    Jul 17, 2003
  4. Jocelyn
    Replies:
    0
    Views:
    487
    Jocelyn
    Jul 17, 2003
  5. BitBucket
    Replies:
    4
    Views:
    3,883
    BitBucket
    Nov 3, 2003
Loading...

Share This Page