Re: Static NAT to allow RDP through my firewall

cljennings25 · ‎12-07-2018

I have a comcast business modem/router 71.194.1.31 (public) with internal address of 10.1.10.1. My firewall "PIX" outside interface is 10.1.10.3 with all routes going to 10.1.10.1. The modem/router is performing no static route function.

interface Ethernet0
description outside interface
nameif outside
security-level 0
ip address 10.1.10.3 255.255.255.0
ospf cost 10

interface Ethernet1
description inside interface
nameif inside
security-level 100
ip address 10.1.1.1 255.255.0.0
ospf cost 10

route outside 0.0.0.0 0.0.0.0 10.1.10.1 1

I am trying to figure our how I can route RDP traffic to a server of 10.1.2.243? So I need the public address "71.194.1.31" to NAT to 10.1.2.243 with out affecting anything else. My PIX does not support PAT, its old.

I need RDP 3389 - 71.194.1.31 "public" --> 10.1.10.3 "outside" --> 10.1.1.1 "inside" --> 10.1.2.243 "server"

Thank you.

cljennings25 · ‎12-07-2018

Any help would be appreciated.

er.vansh17091 · ‎12-09-2018

Hi,

You have to create separate policy for both inside and outside

cljennings25 · ‎12-10-2018

Could you explain?

Kasun Bandara · ‎12-10-2018

Hi,

answer for your issue can find in below thread. also i suggest to go with new FTD, Firepower or ASA model because of PIX firewalls are not in production and support list now.

https://community.cisco.com/t5/firewalls/port-forwarding-on-pix-515e/td-p/1358019

good luck

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB