I would be really pleased if someone could help me on a problem I have
with port forwarding (PIX 515):

What I am trying to do is pretty simple: forward everything comming to
the outside adresse O.U.T.S/8888 to the DMZ host D.M.Z.I/22.

To do this, I tried the following commands:

static (dmz, outside) tcp O.U.T.S 8888 D.M.Z.I 22 netmask
255.255.255.255
access-list acl_out permit tcp any host O.U.T.S eq 8888
access-group acl_out in interface outside


These commands do not work: it seems the address translation is OK,
but the packets are forwarded to the DMZ host with port 8888 instead
of port 22. I logs the following:

%PIX-6-302013: Built inbound TCP connection 5340295 for
outside:81.57.0.176/60239 (81.57.0.176/60239) to dmz.M.Z.I/7500
(O.U.T.S/7500)

Does anybody have an explanation (or a solution for my problem !) to
this ??
Thanks in advance for your help !

try
nat(dmz) 1 subnet_dmz netmask_dmz
global (outside) 1 interface
clear xlate

Renaud wrote:

It worked fine !
Thanks a lot for your help !

In fact, I only cleared xlates, since the DMZ subnet was already nated
(on another public adresse ...)

Renaud