01-29-2008 09:05 AM - edited 03-11-2019 04:55 AM
Hi
I would like some help with the following on a PIX.
Currently we have the following -
name 10.2.1.10 XSERVER
static (inside,outside) 192.168.3.1 XSERVER netmask 255.255.255.255
access-list inside_access_in extended permit tcp host XSERVER eq smtp any
access-list inside_access_in extended permit tcp host XSERVER any eq www
access-list inside_access_in extended permit tcp host XSERVER any eq https
access-list inside_access_in extended permit tcp host XSERVER host BWEB eq www
access-list inside_access_in extended permit tcp host XSERVER host BWEB eq https
access-list inside_access_in extended permit tcp host XSERVER any eq 8080
Can we direct anything that comes into 192.168.3.1 on port 80 (only) to the following server ?
name 10.0.1.50 YSERVER
01-29-2008 09:09 AM
Yes but you have to do it this way
static (inside,outside) tcp 192.168.3.1 smtp XSERVER smtp netmask 255.255.255.255
static (inside,outside) tcp 192.168.3.1 8080 XSERVER 8080 netmask 255.255.255.255
static (inside,outside) tcp 192.168.3.1 https XSERVER https netmask 255.255.255.255
static (inside,outside) tcp 192.168.3.1 www YSERVER www netmask 255.255.255.255
I'm confused by your acl as well. Is this traffic coming from the outside?
01-29-2008 01:52 PM
Yes its from outside - I kind of inherited this PIX so its a bit of a mess really !
Thanks for your help, I will try it tomorrow.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide