10-14-2006 12:32 AM - edited 02-21-2020 01:14 AM
Hi,
I need configuration help for PIX 525 with PIX OS 7.1
My scenario is like this:
Firewall inside network 192.168.1.0 /24
Firewall inside interface IP 192.168.1.1
Firewall outside network 192.168.2.0/24
Firewall outside interface IP 192.168.2.1
I have to permit hosts 192.168.2.11 to 20 to access anything in the inside network.
Can somebody help in configuring this.
Regards
skrao
10-14-2006 01:27 AM
hi sivakondalarao,
try posting your config to better understand you setup, rest you can try this for the desired results
create an access-list and apply it to your outside interface
"access-list acl_out permit tcp any host 192.168.2.11"
apply to interface
"access-group acl_out in interface outside"
create a static for outside ip to commnicate with inside host
"static (inside,outside) tcp 192.168.2.11 192.168.1.x netmask 255.255.255.255"
also create an access-list and apply it to our inside interface
"access-list acl_inside permit ip any any"
apply to interface
"access-group acl_inside in interface inside"
hope this helps
10-14-2006 03:39 AM
Hi can can:
1.- Create a static translation for all the internal hosts
static (inside,outside) 192.168.1.0 192.168.1.0 netmask 255.255.255.0
2.- Create an access-list for the outside network to initiate traffic to the inside hosts
access-list Outside_In extended permit ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0
access-group Outside_In in interface Outside
3.- make sure your access-list applied to the Internal interface allow outbound traffic i.e
access-list Inside_Out extended permit ip 192.168.1.0 255.255.255.0 any
access-group Inside_Out in interface Inside
I hope it helps ... please rate it if it does
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: