05-25-2004 02:51 PM - edited 03-09-2019 07:30 AM
Prior to the installation of my PIX 501, my ISP provider had one of my static internal IP addresses mapped to a static outside IP. How do I do this using the PIX ?
05-25-2004 03:15 PM
Hi,
The quick start guide can guide you.
Additionally you can get the sample configs here
you just need to have this command (if using CLI)
static (inside,outside) public_ip_address private_ip_address
Thanks
Nadeem
05-25-2004 03:18 PM
Hi
You need the following command to create a static mapping:
static (inside,outside) out.side.ip.address in.side.ip.address netmask 255.255.255.255 0 0
If you are then looking to allow, say, http traffic then you need an access-list allowing it configured on the outside interface of the pix:
access-list acl_outside permit tcp any host out.side.ip.address eq www
access-group acl_outside in interface outside
See
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008009402f.shtml or
for further examples
Hth
Kev
06-09-2004 05:49 PM
Will these setups allow me to access the internal IP via the public IP that is mapped???
06-09-2004 06:07 PM
Hi,
Surely, the static and the access-list will allow the access to private IP using its public IP
Thanks
Nadeem
06-17-2004 04:58 AM
I added the following lines
static (inside,outside) outsideIP insideIP netmask 255.255.255.255 0 0
access-list ACL_OUTSIDE permit tcp any host outsideIP eq www
access-group ACL_OUTSIDE in interface outside
When I try to acess the outside IP (public ip ) I get the following lines in the syslog
<166>Jun 17 2004 07:42:02: %PIX-6-302013: Built inbound TCP connection 637 for outside:216.xxx.xxx.xx/1980 (216.xxx.xxx.xx/1980) to inside:172.xx.x.xxx/80 (216.xxx.xxx.xx/80)
<166>Jun 17 2004 07:44:04: %PIX-6-302014: Teardown TCP connection 637 for outside:216.xxx.xxx.xx/1980 to inside:172.xx.x.xxx/80 duration 0:02:01 bytes 0 SYN Timeout
What am I doing wrong ?????
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide