NAT on PIX 501 and inside server

Discussion in 'Cisco' started by mwa, Sep 10, 2006.

  1. mwa

    mwa Guest

    Hi there,

    I have a PIX 501 with a public IP address on the outside interface.
    On the inside interface a server is connected with the ip 192.168.0.10.

    What do I need to configure to have that server reachable from the
    outside (remote desktop)?
    I suppose I need some kind on NAT on the port 3389.

    But what do I do in the config files?

    Best Regards
    Martin
     
    mwa, Sep 10, 2006
    #1
    1. Advertisements

  2. mwa

    vreyesii Guest

    Hi Martin,

    What you need is first an access-list, and then a static statement to
    point to the server behind the PIX.

    For example:

    access-list allow_inbound permit tcp any interface outside eq 3389

    static (inside, outside) tcp interface 3389 192.168.0.10 3389 netmask
    255.255.255.255 0 0

    Also, after you enter both of these commnads make sure that you reload
    the access-group for the access-list. By using the command.

    access-group allow_inbound in interface outside and then the command
    clear xlate.

    That should work for you. If you have anymore with the commands let me
    know.

    vreyesii
     
    vreyesii, Sep 10, 2006
    #2
    1. Advertisements

  3. mwa

    mwa Guest

    Thank you for your help :)

    What if I only want two public IP's to have access?

    Best Regards
    Martin


    vreyesii skrev:
     
    mwa, Sep 11, 2006
    #3
  4. mwa

    mwa Guest

    It is working now... just two access-list's

    Regards
    Martin



    skrev:
     
    mwa, Sep 11, 2006
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.