10-14-2006 12:32 AM - edited 02-21-2020 01:14 AM
Hi,
I need configuration help for PIX 525 with PIX OS 7.1
My scenario is like this:
Firewall inside network 192.168.1.0 /24
Firewall inside interface IP 192.168.1.1
Firewall outside network 192.168.2.0/24
Firewall outside interface IP 192.168.2.1
I have to permit hosts 192.168.2.11 to 20 to access anything in the inside network.
Can somebody help in configuring this.
Regards
skrao
10-14-2006 01:27 AM
hi sivakondalarao,
try posting your config to better understand you setup, rest you can try this for the desired results
create an access-list and apply it to your outside interface
"access-list acl_out permit tcp any host 192.168.2.11"
apply to interface
"access-group acl_out in interface outside"
create a static for outside ip to commnicate with inside host
"static (inside,outside) tcp 192.168.2.11 192.168.1.x netmask 255.255.255.255"
also create an access-list and apply it to our inside interface
"access-list acl_inside permit ip any any"
apply to interface
"access-group acl_inside in interface inside"
hope this helps
10-14-2006 03:39 AM
Hi can can:
1.- Create a static translation for all the internal hosts
static (inside,outside) 192.168.1.0 192.168.1.0 netmask 255.255.255.0
2.- Create an access-list for the outside network to initiate traffic to the inside hosts
access-list Outside_In extended permit ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0
access-group Outside_In in interface Outside
3.- make sure your access-list applied to the Internal interface allow outbound traffic i.e
access-list Inside_Out extended permit ip 192.168.1.0 255.255.255.0 any
access-group Inside_Out in interface Inside
I hope it helps ... please rate it if it does
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide