NAT on PIX 501 and inside server

Discussion in 'Cisco' started by mwa, Sep 10, 2006.

  1. mwa

    mwa Guest

    Hi there,

    I have a PIX 501 with a public IP address on the outside interface.
    On the inside interface a server is connected with the ip

    What do I need to configure to have that server reachable from the
    outside (remote desktop)?
    I suppose I need some kind on NAT on the port 3389.

    But what do I do in the config files?

    Best Regards
    mwa, Sep 10, 2006
    1. Advertisements

  2. mwa

    vreyesii Guest

    Hi Martin,

    What you need is first an access-list, and then a static statement to
    point to the server behind the PIX.

    For example:

    access-list allow_inbound permit tcp any interface outside eq 3389

    static (inside, outside) tcp interface 3389 3389 netmask 0 0

    Also, after you enter both of these commnads make sure that you reload
    the access-group for the access-list. By using the command.

    access-group allow_inbound in interface outside and then the command
    clear xlate.

    That should work for you. If you have anymore with the commands let me

    vreyesii, Sep 10, 2006
    1. Advertisements

  3. mwa

    mwa Guest

    Thank you for your help :)

    What if I only want two public IP's to have access?

    Best Regards

    vreyesii skrev:
    mwa, Sep 11, 2006
  4. mwa

    mwa Guest

    It is working now... just two access-list's


    mwa, Sep 11, 2006
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.