Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
726
Views
0
Helpful
4
Replies

Unable to open ports on cisco PIX 6.3

jibsoni
Level 1
Level 1

‎09-20-2011 11:25 AM - edited ‎03-11-2019 02:27 PM

Hi,

I have a pix with 6.3(5) versionand I am  trying  to open  ports 10207,10210,10214,10009,13510 to a public IP address from my  192.168.5.0/24 LAN network. I tryied so many ways and its not working throught pix (I tried to access the same ports from my home network and its working fine).

Please note that internet is working fine from 192.168.5.x network through PIX . ACL's & Fixup's are as mentioned below

access-list INSIDE permit ip 192.168.0.0 255.255.255.0 any

access-group INSIDE in interface inside

fixup protocol dns maximum-length 512
fixup protocol ftp 21
no fixup protocol h323 h225 1720
no fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol pptp 1723
fixup protocol rsh 514
no fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69

I am totally confused why those ports are not working , Please help me in resolving this issue.

Labels:
0 Helpful
4 Replies 4

varrao
Level 10
Level 10

‎09-20-2011 11:35 AM

Hi,

From inside to outside on PIX, by default all the traffic is permitted. Can you provide me a sample of your running config, as well as the public ip that you are trying to access??

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful

varrao
Level 10
Level 10
In response to varrao

‎09-20-2011 11:41 AM

Is the access-list:

access-list INSIDE permit ip 192.168.0.0 255.255.255.0 any

or

access-list INSIDE permit ip 192.168.0.0 255.255.0.0 any

Varun

Thanks,
Varun Rao
0 Helpful

jibsoni
Level 1
Level 1
In response to varrao

‎09-20-2011 07:29 PM

sorry my access-list is

access-list INSIDE permit ip 192.168.0.0 255.255.255.0 any

and

access-list INSIDE permit ip 192.168.5.0 255.255.255.0 any

I am trying to access 94.56.137.209 using the above mentioned ports. I have a router outside the pix where leased line and ADSL is connected i am able to telnet to those ports from that router as well.

0 Helpful

Maykol Rojas
Cisco Employee
Cisco Employee
In response to jibsoni

‎09-20-2011 07:32 PM

Can you paste your configuration and remove the lines that you think the should be private? I would like to see the access list and the NAT statements.

Have you tried to access this site off the PIX?

Mike.

Mike
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card