cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
317
Views
0
Helpful
1
Replies

Access to web server behind pix 501 running PAT

alberto.m
Level 1
Level 1

I have setup a pix 501 with a basic PAT configuration which I have attached to this post.

router: 192.168.101.254

pix outside if: 192.168.110.150

pix inside if: 10.1.1.1

web server: 10.1.1.2

I have only one static address available to use on the outside interface and I am running dhcp internally. Everthing runs great however I want to give access to an internal web server. After entering the following commands, I do gain access to the web server from the outside however now only the web server can get out. No clients can get out to the internet. Is it possible to set this up using PAT with one static address?

Static (inside,outside) 192.168.110.150 10.1.1.2

access-list 101 permit tcp any bost 192.168.110.150 eq www

access-group 101 in interface outside

Thanks in advance

alberto

1 Reply 1

alberto.m
Level 1
Level 1

access-list 101 permit tcp any bost 192.168.110.150 eq www in the startup config does read host not "bost"

Review Cisco Networking for a $25 gift card