12-17-2002 03:51 PM - edited 03-09-2019 01:26 AM
in the following rule:
static (dmz,outside) tcp interface PORT# server port# netmask 255.255.255.255 0 0
Is it possible to state multiple PORT#'s to one port#? If yes, how?
Thanks
unenlightened
Solved! Go to Solution.
12-17-2002 09:41 PM
No, you can't do this and the PIX parser won't allow it.
Think about what would happen to traffic if you mapped say, outside ports 40 and 41 to inside port 40. TRaffic coming on either port would both be mapped to port 40 on the inside, no problem there. The return traffic however, would hit the PIX, which then has to decide whether to map it to port 40 or 41 on the outside. The PIX has no way of knowing which one it should be and so it fails.
12-17-2002 09:41 PM
No, you can't do this and the PIX parser won't allow it.
Think about what would happen to traffic if you mapped say, outside ports 40 and 41 to inside port 40. TRaffic coming on either port would both be mapped to port 40 on the inside, no problem there. The return traffic however, would hit the PIX, which then has to decide whether to map it to port 40 or 41 on the outside. The PIX has no way of knowing which one it should be and so it fails.
12-18-2002 09:20 AM
Thanks,
a very logical responce...I don't know how I didn't see that?
}^8)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide