NFS protocol across the Pix firewall

david.tran
Level 4

I have a Pix 515E running PixOS version 8.0.4 with two interfaces, inside and outside.

On the inside interface, I have a Red Hat Enterprise Linux 5.4 64-bit machine as an NFS server version 4 (NFSv4).

On the outside interface, I have three (3) Red Hat Enterprise Linux 5.4 64-bit machines as NFS clients.

I have the following configuration on the Pix:

static (inside,outside) 192.168.1.1 4.2.2.2 netmask 255.255.255.255

access-list external permit icmp any any log

access-group external in interface outside

At the moment, none of the Linux client machines can mount a share on the NFS server because my ACL is too restrictive. I would like to be able to open the firewall so that Linux client machines can mount the NFS server using NFS over UDP or NFS over TCP.

I am looking for the exact UDP and TCP ports to be added to the ACL in order to accomplish this, from someone who has done this before.

Anyone know how to do this?

Thanks,


david.tran
Level 4

I think I just answered my own post. I just need to add about three lines to the configuration:

access-list external permit tcp any host 4.2.2.2 eq 111 log

access-list external permit udp any host 4.2.2.2 eq 111 log

fixup protocol sunrpc 111

Now I can mount the NFS server from my Linux machines.
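An added example, not part of the original thread: a short Python script that reads `rpcinfo -p` output from the NFS server and emits per-client ACL lines for the fixed ports instead of `any`, while listing the RPC services that sit on other ports. The `rpcinfo` sample and the client addresses are constructed; the ACL name `external` and the server address 4.2.2.2 come from the posts above.

```python
import re

# Constructed `rpcinfo -p` output for an NFS server; not taken from the original post.
SAMPLE_RPCINFO = """\
   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    3   udp   2049  nfs
    100003    4   tcp   2049  nfs
    100021    4   udp  32769  nlockmgr
    100021    4   tcp  32803  nlockmgr
    100005    3   udp    892  mountd
    100005    3   tcp    892  mountd
"""

# portmapper and nfs; other RPC services get their port at registration
# time unless it is pinned in the server configuration.
WELL_KNOWN = {111, 2049}

def parse_rpcinfo(text):
    """Return sorted unique (proto, port, service) tuples from `rpcinfo -p` output."""
    rows = set()
    for line in text.splitlines():
        m = re.match(r"\s*\d+\s+\d+\s+(tcp|udp)\s+(\d+)\s+(\S+)\s*$", line)
        if m:  # the header line and blank lines do not match
            rows.add((m.group(1), int(m.group(2)), m.group(3)))
    return sorted(rows)

def build_acl(rows, clients, server="4.2.2.2", acl="external"):
    """Return (acl_lines, dynamic_rows): per-client permits for well-known ports only."""
    fixed = [r for r in rows if r[1] in WELL_KNOWN]
    dynamic = [r for r in rows if r[1] not in WELL_KNOWN]
    lines = [
        f"access-list {acl} permit {proto} host {client} host {server} eq {port} log"
        for client in clients
        for proto, port, _ in fixed
    ]
    return lines, dynamic

if __name__ == "__main__":
    clients = ["203.0.113.11", "203.0.113.12", "203.0.113.13"]  # constructed addresses
    acl_lines, dynamic = build_acl(parse_rpcinfo(SAMPLE_RPCINFO), clients)
    print("\n".join(acl_lines))
    for proto, port, service in dynamic:
        print(f"! {service} {proto}/{port}: pin it on the server or leave it to the sunrpc fixup")
```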