I have a PIX 501 thru which I need to forward traffic from the outside to two servers on the inside network. My outside address in this case will be xxx.xxx.xxx.xxx and the inside addressing range is 192.168.125.x and I want to allow remote assistance access to the two different servers using two different ports. One port is 3389 (for one server) and 5405 (for the other server)
So far I have in my PIX config:
access-list inbound permit tcp any host xxx.xxx.xxx.xxx eq 3389
access-list inbound permit udp any host xxx.xxx.xxx.xxx eq 3389
access-list inbound permit tcp any host xxx.xxx.xxx.xxx eq 5405
static (inside,outside) tcp xxx.xxx.xxx.xxx 5405 192.168.125.211 5405 netmask 255.255.255.255
static (inside,outside) tcp xxx.xxx.xxx.xxx 3389 192.168.125.201 3389 netmask 255.255.255.255
static (inside,outside) udp xxx.xxx.xxx.xxx 3389 192.168.125.201 3389 netmask 255.255.255.255
access-group inbound in interface outside
This does not appear to work. Is there a better more correct way of doing this?
Thanks
John