Many thanks for your valuble response.

I have already added that access-list antry also, even I forget to mention it there.

But unfortunately still it is not allowing outsiders to come inside through https.

DO i have to restart the firewall or do a clear xlate command inorder to work that?

further, is there any way to view whether this NAT is working? (any show command or something ..) when i do show xlate command

it only display as

Global 203.115.19.49 Local 10.50.x.xx

and no port numbers are showing.

your kind advice is appreciated.

it was Nice to see your prompt response..

As u think I'm using port 8443 as https in my internal server.

let me expalin bit more about this senario.

previously our company requirment was provide access for outsiders to access this server on port 8443. (same as the servers https port 8443). so i make changes and it was working fine.

Now they wanted outsiders to access it through port 443 and redirecting that trafic as 8443 to the internal server from the PIX.(server side no change)

so what i have done was changed the previous one to one nat as bellow.

OLD- static (inside,outside) tcp 203.xxx.xx.xxx 10.50.4.10 netmask 255.255.255.255 0 0

NEW- static (inside,outside) tcp 203.xxx.xx.xxx https 10.50.4.10 8443 netmask 255.255.255.255 0 0

and provide access-list antry as

access-list 200 line 28 permit tcp any host 203.xxx.xx.xxx eq https

(this is my outside-inbound access list)

kindly mention whether it is really need to do clear xlate? is there any way to only remove a perticular entry?

when i do show nat it doesn't show all natings.(only 2 showing and i have many others also).

Kindly advice.

many thanks for spending your valuble time on this.

did u get it working ?

I reloaded the firewall and It is working now!!!

Many thanks for your valuble advices..

i am glad its working

and thanks for rating :)