Beginner

Unable to open ports on cisco PIX 6.3

Hi,

I have a PIX with version 6.3(5) and I am trying to open ports 10207, 10210, 10214, 10009, 13510 to a public IP address from my 192.168.5.0/24 LAN network. I tried so many ways and it's not working through the PIX (I tried to access the same ports from my home network and it's working fine).

Please note that internet is working fine from the 192.168.5.x network through the PIX. ACLs & fixups are as mentioned below:

access-list INSIDE permit ip 192.168.0.0 255.255.255.0 any

access-group INSIDE in interface inside

fixup protocol dns maximum-length 512
fixup protocol ftp 21
no fixup protocol h323 h225 1720
no fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol pptp 1723
fixup protocol rsh 514
no fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69

I am totally confused why those ports are not working. Please help me in resolving this issue.

Advocate


Hi,

From inside to outside on PIX, by default all the traffic is permitted. Can you provide me a sample of your running config, as well as the public IP that you are trying to access?

Thanks,

Varun

Thanks, Varun Rao Security Team, Cisco TAC
Advocate


Is the access-list:

access-list INSIDE permit ip 192.168.0.0 255.255.255.0 any

or

access-list INSIDE permit ip 192.168.0.0 255.255.0.0 any

Varun

Thanks, Varun Rao Security Team, Cisco TAC
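Added example, not part of the original thread or any Cisco tool: a small first-match evaluator showing why the mask matters for an ACL bound with `access-group`, where anything not matched hits the implicit deny. The function names, the host 192.168.5.20 and the destination 203.0.113.10 are constructed for illustration, and only `permit|deny ip` entries are parsed.

```python
import ipaddress

# The two variants asked about in the thread.
ACL_24 = "access-list INSIDE permit ip 192.168.0.0 255.255.255.0 any"
ACL_16 = "access-list INSIDE permit ip 192.168.0.0 255.255.0.0 any"

def _take_addr(tokens):
    """Consume one address spec: 'any', 'host A', or 'A MASK' (PIX ACLs use netmasks)."""
    head = tokens.pop(0)
    if head == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if head == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    return ipaddress.ip_network(f"{head}/{tokens.pop(0)}", strict=False)

def parse_acl(config, name):
    """Return [(action, src_net, dst_net)] for 'access-list NAME permit|deny ip ...' lines."""
    entries = []
    for line in config.splitlines():
        tokens = line.split()
        if tokens[:2] != ["access-list", name] or len(tokens) < 6:
            continue
        action, proto, rest = tokens[2], tokens[3], tokens[4:]
        if action not in ("permit", "deny") or proto != "ip":
            continue  # port-level entries are out of scope for this sketch
        entries.append((action, _take_addr(rest), _take_addr(rest)))
    return entries

def evaluate(entries, src, dst):
    """First matching entry wins; no match falls through to the implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in entries:
        if s in src_net and d in dst_net:
            return action
    return "deny"

if __name__ == "__main__":
    for label, acl in (("/24 mask", ACL_24), ("/16 mask", ACL_16)):
        verdict = evaluate(parse_acl(acl, "INSIDE"), "192.168.5.20", "203.0.113.10")
        print(f"{label}: 192.168.5.20 -> 203.0.113.10 = {verdict}")
```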
Beginner


Sorry, my access-list is

access-list INSIDE permit ip 192.168.0.0 255.255.255.0 any

and

access-list INSIDE permit ip 192.168.5.0 255.255.255.0 any

I am trying to access 94.56.137.209 using the above mentioned ports. I have a router outside the PIX where the leased line and ADSL are connected; I am able to telnet to those ports from that router as well.

Cisco Employee


Can you paste your configuration and remove the lines that you think should be private? I would like to see the access list and the NAT statements.

Have you tried to access this site off the PIX?

Mike.

Mike