Re: Cisco PIX 501
From: Simon (si.usenet_at_gmail.com)
Date: 09/14/05
- Next message: Walter Roberson: "Re: Cisco PIX 501"
- Previous message: Shadus: "Re: Cisco PIX 501"
- In reply to: Shadus: "Cisco PIX 501"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 14 Sep 2005 18:56:14 +0100
On Wed, 14 Sep 2005 11:51:38 -0500, Shadus <shadus@shadus.org> wrote:
>I'm presently trying to setup a cisco pix 501 to forward a range of
>ports to a host on the inside.
>
>192.168.100.200 needs to have several ports forwarded along to it.
>I've tried a couple different methods but everytime it comes back
>to setting a static up for each individual port... for obvious
>reasons when dealing with ~120 ports this sucks. When I only needed 10
>ports I just setup static (outside, inside) 6881 192.168.100.200 6881
>netmask 255.255.255.255 0 0... cant get it to work with a range or
>object-group though... but i may be doing something wrong.
>
>Any ideas? Here's the current config (It currently has some remenants of
>me trying to get the portrange forwarded.)
>
>The basics are: I need ports 6881-6999, 6112, 3724 forwarded to
>192.168.100.200 and I dont want to do ~120 lines of static port mappings
>
SNIP
>Ideas? Suggestions?
slight mistake in previous posting. Didn't put eq in access-list
command
access-list inside_acl permit tcp 192.168.100.200 255.255.255.0 host
xxx.xxx.xxx.xxx range 6881 6999
access-list inside_acl permit tcp 192.168.100.200 255.255.255.0 host
xxx.xxx.xxx.xxx eq 6112
access-list inside_acl permit tcp 192.168.100.200 255.255.255.0 host
xxx.xxx.xxx.xxx eq 3724
then set a static route to 192.168.100.200 from whatever public IP
address you have assigned
Is this what your looking for
-- Si -- Simon
- Next message: Walter Roberson: "Re: Cisco PIX 501"
- Previous message: Shadus: "Re: Cisco PIX 501"
- In reply to: Shadus: "Cisco PIX 501"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
