10-24-2012 11:26 AM - edited 03-11-2019 05:13 PM
Hello,
Current Config below of my Pix 501 and working:
interface ethernet0 auto
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
hostname bmi-501-fw-1
domain-name buildmeit.internal
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
access-list PERMIT_IN deny tcp any any
access-list PERMIT_IN deny ip any any
access-list PERMIT_IN deny udp any any
access-list PERMIT_OUT permit tcp any any
access-list PERMIT_OUT permit ip any any
access-list PERMIT_OUT permit udp any any
access-list PERMIT_OUT permit icmp any any
pager lines 24
mtu outside 1500
mtu inside 1500
ip address outside XXX.XX.XXX.XXX 255.255.240.0
ip address inside 10.52.100.123 255.255.255.0
global (outside) 1 interface
outside interface address added to PAT pool
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
access-group PERMIT_IN in interface outside
access-group PERMIT_OUT in interface inside
route outside 0.0.0.0 0.0.0.0 XX.XX.XXX.1 1
route inside 10.52.0.0 255.255.0.0 10.52.100.123 1
wr mem
I have an internal mail server (10.52.10.15):
What command do I use to open\forward port for port 25 and 443?
Thank you.
10-24-2012 04:09 PM
Which public ip address would you like to use?
If you want to use the PIX outside interface IP, then here is the command:
static (inside,outside) tcp interface 25 10.52.10.15 25 netmask 255.255.255.255
static (inside,outside) tcp interface 443 10.52.10.15 443 netmask 255.255.255.255
If you owant to use a spare public IP, then here is the command:
static (inside,outside)
Then you would also need to add it to your access-list on the outside:
access-list PERMIT_IN line 1 extended permit tcp any host
access-list PERMIT_IN line 2 extended permit tcp any host
Hope this helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide