cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1409
Views
0
Helpful
2
Replies

PIX - how to define (bind) an acl to the dynamic ip address of an interface

LOUIS BOUCHARD
Level 1
Level 1

the outside ip address of my PIX is dynamicly assigned from my provider DHCP server.

is there a way to define and inbound acl to allow inbound traffic to go thru with port redirection.

my problem is that if my outside dynamic address change from 64.1.1.3 to something else, i am screwed !!!

access-list acl_out permit tcp any host 64.1.1.3 eq 8080

access-group acl_out in interface outside

static (inside,outside) tcp interface 8080 192.168.100.5 www netmask 255.255.255.255 0 0

2 Replies 2

mmellet
Level 3
Level 3

I don’t see a way to do it right now but if the ACL could act like an extended ACL and take hostnames, you could use DNS. Perhaps this would be a good idea for you to suggest to Cisco.

belihe
Level 1
Level 1

This works.

access-list 102 permit tcp any any eq www

access-group 102 in interface outside

static (inside,outside) tcp interface www 192.168.254.218 www netmask 255.255.255.255 0 0

Review Cisco Networking for a $25 gift card