NATting inside address

shoebwk · ‎02-15-2006

Hi

What would be the command to NAT the inside IP address for Telnet. My firewall IP address is 203.41.1.x and i want to give a telnet access port 22 & 23 to inside Server 10.200.1.2

pkhatri · ‎02-15-2006

Try something like this:

access-list ACL_IN permit tcp any host 203.41.1.x eq 22

access-list ACL_IN permit tcp any host 203.41.1.x eq 23

access-group ACL_IN in interface outside

static (inside,outside) 203.41.1.x 10.200.1.2

Hope that helps - pls rate the post if it does.

Paresh

shoebwk · ‎03-07-2006

hi Paresh

i used the following config, but its not working.

static (inside,outside) tcp 203.41.1.x 23 10.222.0.3 23 netmask 255.255.255.255 0 0

access-list telnet_in permit tcp any host 203.41.1.x eq 23

access-group telnet_in in interface outside

clear xlate

what is the tools to access telnet on port 22?

spremkumar · ‎03-08-2006

hi

Try configuring SSH access on your PIX to access the box from outside nework.

http://cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a008054d863.html

regds

jackko · ‎03-08-2006

static port forwarding needs to be configured rather than ordinary static nat. the reason being that only one public ip is available.

e.g.

static (inside,outside) tcp interface 23 10.222.0.3 23 netmask 255.255.255.255

static (inside,outside) tcp interface 22 10.222.0.3 22 netmask 255.255.255.255

clear xlate local 10.222.0.3

access-list 111 permit tcp any interface outside eq 23

access-list 111 permit tcp any interface outside eq 22

access-group 111 in interface outside