PIX501 & PC-Anywhere

Discussion in 'Cisco' started by myotherbox@gmail.com, Feb 23, 2006.

  1. Guest

    I'm trying to set up my PIX to allow people to pc-anywhere in to a
    specific PC.

    Here's what I believe to be the relevant parts from my running config:

    access-list outside_access_in permit tcp any host xx.xxx.xxx.xx eq
    pcanywhere-data
    access-list outside_access_in permit udp any host xx.xxx.xxx.xx eq
    pcanywhere-status
    static (outside,inside) 192.168.1.99 xx.xxx.xxx.xx netmask
    255.255.255.255 0 0
    static (inside,outside) xx.xxx.xxx.xx 192.168.1.99 netmask
    255.255.255.255 0 0

    Where xx.xxx.xxx.xxx is one of our static IP's and 192.168.1.99 is the
    static inside IP for the PC I want to PC-Anywhere into.

    Any idea why this isn't working? Thanks in advance!

    Brett
     
    , Feb 23, 2006
    #1
    1. Advertisements

  2. mcaissie

    mcaissie Guest

    You only need one static command. You only want to mask the inside IP with
    an outside IP
    so you only need the static (inside,outside) command.

    --Get rid of;

    no static (outside,inside) 192.168.1.99 xx.xxx.xxx.xx netmask
    255.255.255.255 0 0


    --make sure your access-list is applied on the outside interface

    access-group outside_access_in in interface outside




    <> wrote in message
    news:...
    > I'm trying to set up my PIX to allow people to pc-anywhere in to a
    > specific PC.
    >
    > Here's what I believe to be the relevant parts from my running config:
    >
    > access-list outside_access_in permit tcp any host xx.xxx.xxx.xx eq
    > pcanywhere-data
    > access-list outside_access_in permit udp any host xx.xxx.xxx.xx eq
    > pcanywhere-status
    > static (outside,inside) 192.168.1.99 xx.xxx.xxx.xx netmask
    > 255.255.255.255 0 0
    > static (inside,outside) xx.xxx.xxx.xx 192.168.1.99 netmask
    > 255.255.255.255 0 0
    >
    > Where xx.xxx.xxx.xxx is one of our static IP's and 192.168.1.99 is the
    > static inside IP for the PC I want to PC-Anywhere into.
    >
    > Any idea why this isn't working? Thanks in advance!
    >
    > Brett
    >
     
    mcaissie, Feb 23, 2006
    #2
    1. Advertisements

  3. Guest

    Thanks for your reply.

    When I try to get rid of that command, I get the message:

    "PDM has found that this operation will result in some security rules
    getting nullified. Please review your translation/security rules,
    before retrying this operation."

    Any ideas? Thanks!

    Brett
     
    , Feb 24, 2006
    #3
  4. mcaissie

    mcaissie Guest

    I only work with CLI so i don't know why the PDM doesn't like it.

    But if you have an access-group referencing to the x.x.x.x address, maybe
    it't the PDM concern.

    You may try to remove the access-group, before removing the static , then
    reapplying it


    <> wrote in message
    news:...
    > Thanks for your reply.
    >
    > When I try to get rid of that command, I get the message:
    >
    > "PDM has found that this operation will result in some security rules
    > getting nullified. Please review your translation/security rules,
    > before retrying this operation."
    >
    > Any ideas? Thanks!
    >
    > Brett
    >
     
    mcaissie, Feb 24, 2006
    #4
  5. Guest

    Thanks again for your reply.

    I can access the pix with the CLI. I'm telneted in right now. Problem
    is I don't know how to make the suggested change form the CLI. Any
    help you or anyone could provide would be greatly appreciated!

    Thanks

    Brett
     
    , Feb 24, 2006
    #5
  6. NETADMIN

    NETADMIN Guest

    PIX>
    PIX>en
    PIX:>password
    PIX#
    PIX#config t
    PIX(config t)#no static (outside,inside) 192.168.1.99 xx.xxx.xxx.xx
    netmask
    255.255.255.255 0 0
    PIX(config t)#access-group outside_access_in in interface outside
    PIX(config t)#exit
    PIX#
     
    NETADMIN, Feb 24, 2006
    #6
  7. Guest

    Thank you to everyone who replied. We're up and running now.

    Thanks!

    Brett
     
    , Feb 28, 2006
    #7
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jim

    PC Anywhere setup

    Jim, Oct 16, 2004, in forum: Wireless Networking
    Replies:
    3
    Views:
    6,198
    Bill Riggs
    Oct 19, 2004
  2. Paul King

    PC Anywhere vs Wireless

    Paul King, Jun 13, 2005, in forum: Wireless Networking
    Replies:
    0
    Views:
    585
    Paul King
    Jun 13, 2005
  3. Replies:
    2
    Views:
    2,903
    Barb Bowman MVP-Windows
    Sep 1, 2005
  4. the_poet

    PIX 501 and PC Anywhere

    the_poet, Feb 5, 2004, in forum: Cisco
    Replies:
    0
    Views:
    604
    the_poet
    Feb 5, 2004
  5. Volatileacid
    Replies:
    1
    Views:
    1,717
    Hansang Bae
    Jul 30, 2004
Loading...

Share This Page