03-14-2011 02:48 AM - edited 03-11-2019 01:06 PM
Please help.
Hi I'm new to this site. I need to open ports 5000 and 5001 on my Cisco PIX 501 to enable some users to be able to connect to our CCTV from outside, can anyone please advice how should I open these 2 ports?
any help is very appreciated.
Tks
03-14-2011 03:01 AM
Thank you for your question. This community is for Cisco Small Business products and your question is in reference to a Cisco Elite/Classic product. We have moved your post into the NetPro firewalling area.
03-14-2011 10:30 PM
Thanks Riroe for moving it to right community.
03-14-2011 10:30 PM
Hello Ray,
You will have to do 2 things to achieve the same.
1) Add a port forwarding statement on outside interface to allow port 5000 & 5001. This is can be either done using interface IP address or a free public IP address.
- static(inside,outside) tcp interface 5000
- static(inside,outside) tcp interface 5001
or
- static(inside,outside) tcp
- static(inside,outside) tcp
2) Allow ports on outside interface to all/specific users on outside
access-list outside_access_in permit tcp any host
access-list outside_access_in permit tcp any host
access-group outside_access_in in interface outside
"outside_access_in" is th name of the access-list used. If you have existing access-list acting in inward direction then add these lines to the same.
Hope this helps. Please reply back if you need any further assistance.
Regards,
Chirag
P.S.: Please mark this thread as answered if you feel your query is answered. Do rate helpful posts.
03-15-2011 07:41 AM
Hello Chirag
Many thanks for your reply. I am not sure if I can manage this setup. does it need to be done through command prompt or it can be done through the PIX interface?
Sorry not familiar with PIX.
Tks,
Ray
03-15-2011 07:49 AM
Hello Ray,
If you have a TAC contract that seek assistance. You can use both CLI or GUI to configure the same.
If you are running on PIX 6.3.x, then here is a guide for you : http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/config.html
For 7.0 or higher, http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/conf_gd.html
Please mark the post answered for others to refer in future.
Regards,
Chirag
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide