cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

384
Views
9
Helpful
36
Replies
Participant

Re: static PAT statements, need help...

Great, as long as email is working. I know most companies consider it the most important service.

Beginner

Re: static PAT statements, need help...

that i will definitely buy! good deal...i am glad your moving forward. i love this forum stuff, we not only reinforce the knowledge everyone has but everyone continues to learn. :)

Beginner

Re: static PAT statements, need help...

ok, now that we've gone through all of this... for the sheer heck of it I added all the other static lines back in....

you're gonna love this...

its all working now! What's with that?! haha.

I dont know why it wouldnt pick up but now it is on all ports.

I have the following in static now...

static (inside,outside) tcp MainOffice smtp 192.168.50.13 smtp netmask 255.255.2

55.255 0 0

static (inside,outside) tcp MainOffice pop3 192.168.50.13 pop3 netmask 255.255.255.255 0 0

static (inside,outside) tcp MainOffice telnet 192.168.50.201 telnet netmask 255.255.255.255 0 0

static (inside,outside) tcp MainOffice 3389 192.168.50.75 3389 netmask 255.255.255.255 0 0

All of which work... (I had to come home to test all of them of course since its hard to do from within the network that the firewall is protecting.)

So, negate what we 'learned'... you can do inbound PAT on a one to many basis. But I still dont understand why it didnt work until I removed all the static lines and added them back in. (that seems to be what changed when it started working since i removed them all to add just one at a time)

So... I dunno, maybe its user error? ha, wouldnt surprise me, but it all works now.

Thanks guys,

Dave

Beginner

Re: static PAT statements, need help...

well i'll be a son-of-b!*$@!!!! i have no idea what i am talking about then!!! HA HA.

i am just glad you are working, and maybe someone else watching the boards can help us understand.

Later.

Participant

Re: static PAT statements, need help...

I have seen some weird things the the static mappings on PIX's. I had one issue with a client when I could not get a one to one static map to one server work. I tried everything. After a while, I decided that I would try the mapping a different external address just to test, and it worked. I switched back to the other one and it stopped working. The first IP was in the middle of the range, so I know it wasn't a subnet issue. I ended up calling their ISP and changing their DNS records instead of using that other IP. To make matters worse, later they added a server that needed to be accessed from the internet and I had to use the other IP because it was the only one left in their range, and it worked when I used it with that server. I just chalked it up to one of those computer things I will never figure out.

Cisco Employee

Re: static PAT statements, need help...

Can you send me all your static statements AND all your NAT/Global statements (or maybe post your entire working config one last time), I want to check this cause you certainly can create multiple PAT statements to different ports, I've done it plenty of times.

Highlighted
Beginner

Re: static PAT statements, need help...

Well, its all working fine now, but here they are anyway. :)

static (inside,outside) tcp MainOffice telnet 192.168.50.201 telnet netmask 255.

255.255.255 0 0

static (inside,outside) tcp MainOffice 3389 192.168.50.75 3389 netmask 255.255.255.255 0 0

static (inside,outside) tcp MainOffice pop3 192.168.50.13 pop3 netmask 255.255.255.255 0 0

static (inside,outside) tcp MainOffice smtp 192.168.50.13 smtp netmask 255.255.255.255 0 0

nat (inside) 0 access-list 100

nat (inside) 10 192.168.50.13 255.255.255.255 0 0

nat (inside) 2 192.168.50.0 255.255.255.0 0 0

I dont think in need that nat 10 entry, so i'll be taking it out next time im at home and testing to make sure.