PIX501 & PC-Anywhere

Discussion in 'Cisco' started by myotherbox@gmail.com, Feb 23, 2006.

  1. Guest

    I'm trying to set up my PIX to allow people to pc-anywhere in to a
    specific PC.

    Here's what I believe to be the relevant parts from my running config:

    access-list outside_access_in permit tcp any host xx.xxx.xxx.xx eq
    pcanywhere-data
    access-list outside_access_in permit udp any host xx.xxx.xxx.xx eq
    pcanywhere-status
    static (outside,inside) 192.168.1.99 xx.xxx.xxx.xx netmask
    255.255.255.255 0 0
    static (inside,outside) xx.xxx.xxx.xx 192.168.1.99 netmask
    255.255.255.255 0 0

    Where xx.xxx.xxx.xxx is one of our static IP's and 192.168.1.99 is the
    static inside IP for the PC I want to PC-Anywhere into.

    Any idea why this isn't working? Thanks in advance!

    Brett
     
    , Feb 23, 2006
    #1
    1. Advertising

  2. mcaissie Guest

    You only need one static command. You only want to mask the inside IP with
    an outside IP
    so you only need the static (inside,outside) command.

    --Get rid of;

    no static (outside,inside) 192.168.1.99 xx.xxx.xxx.xx netmask
    255.255.255.255 0 0


    --make sure your access-list is applied on the outside interface

    access-group outside_access_in in interface outside




    <> wrote in message
    news:...
    > I'm trying to set up my PIX to allow people to pc-anywhere in to a
    > specific PC.
    >
    > Here's what I believe to be the relevant parts from my running config:
    >
    > access-list outside_access_in permit tcp any host xx.xxx.xxx.xx eq
    > pcanywhere-data
    > access-list outside_access_in permit udp any host xx.xxx.xxx.xx eq
    > pcanywhere-status
    > static (outside,inside) 192.168.1.99 xx.xxx.xxx.xx netmask
    > 255.255.255.255 0 0
    > static (inside,outside) xx.xxx.xxx.xx 192.168.1.99 netmask
    > 255.255.255.255 0 0
    >
    > Where xx.xxx.xxx.xxx is one of our static IP's and 192.168.1.99 is the
    > static inside IP for the PC I want to PC-Anywhere into.
    >
    > Any idea why this isn't working? Thanks in advance!
    >
    > Brett
    >
     
    mcaissie, Feb 23, 2006
    #2
    1. Advertising

  3. Guest

    Thanks for your reply.

    When I try to get rid of that command, I get the message:

    "PDM has found that this operation will result in some security rules
    getting nullified. Please review your translation/security rules,
    before retrying this operation."

    Any ideas? Thanks!

    Brett
     
    , Feb 24, 2006
    #3
  4. mcaissie Guest

    I only work with CLI so i don't know why the PDM doesn't like it.

    But if you have an access-group referencing to the x.x.x.x address, maybe
    it't the PDM concern.

    You may try to remove the access-group, before removing the static , then
    reapplying it


    <> wrote in message
    news:...
    > Thanks for your reply.
    >
    > When I try to get rid of that command, I get the message:
    >
    > "PDM has found that this operation will result in some security rules
    > getting nullified. Please review your translation/security rules,
    > before retrying this operation."
    >
    > Any ideas? Thanks!
    >
    > Brett
    >
     
    mcaissie, Feb 24, 2006
    #4
  5. Guest

    Thanks again for your reply.

    I can access the pix with the CLI. I'm telneted in right now. Problem
    is I don't know how to make the suggested change form the CLI. Any
    help you or anyone could provide would be greatly appreciated!

    Thanks

    Brett
     
    , Feb 24, 2006
    #5
  6. NETADMIN Guest

    PIX>
    PIX>en
    PIX:>password
    PIX#
    PIX#config t
    PIX(config t)#no static (outside,inside) 192.168.1.99 xx.xxx.xxx.xx
    netmask
    255.255.255.255 0 0
    PIX(config t)#access-group outside_access_in in interface outside
    PIX(config t)#exit
    PIX#
     
    NETADMIN, Feb 24, 2006
    #6
  7. Guest

    Thank you to everyone who replied. We're up and running now.

    Thanks!

    Brett
     
    , Feb 28, 2006
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jim

    PC Anywhere setup

    Jim, Oct 16, 2004, in forum: Wireless Networking
    Replies:
    3
    Views:
    6,040
    Bill Riggs
    Oct 19, 2004
  2. Paul King

    PC Anywhere vs Wireless

    Paul King, Jun 13, 2005, in forum: Wireless Networking
    Replies:
    0
    Views:
    473
    Paul King
    Jun 13, 2005
  3. Replies:
    2
    Views:
    2,707
    Barb Bowman MVP-Windows
    Sep 1, 2005
  4. the_poet

    PIX 501 and PC Anywhere

    the_poet, Feb 5, 2004, in forum: Cisco
    Replies:
    0
    Views:
    495
    the_poet
    Feb 5, 2004
  5. Volatileacid
    Replies:
    1
    Views:
    1,543
    Hansang Bae
    Jul 30, 2004
Loading...

Share This Page