- PIX 535: port forwarding newb problem
- Posted by douglas.j.watt@googlemail.com on March 5th, 2006
Hi folks, I need some help.
Trying to setup port forwarding for an app. for the first time on a
535:
I need to port forward a DMZ subnet on int dmz_v904 (eth3), forwarding
all ports >1023 to host A.A.A.A to port 60199 on inside int (eth1).
e.g.
name A.A.A.A server
object-group network vpn-pool
description *** VPN dial client pool addresses ***
network-object B.B.B.B 255.x.x.x
object-group service Tivoli tcp
port-object eq 60199
*********THIS IS WHERE I NEED HELP****************
access-list dmz_v904 permit tcp object-group vpn-pool host A.A.A.A gt
1023
access-list inside permit tcp host aansso1tmra00 object-group vpn-pool
object-group Tivoli
is my syntax correct? and what else must I do?
All help very much appreciated.
- Posted by douglas.j.watt@googlemail.com on March 8th, 2006
Think I've sorted the problem with the help from a friend.
Was told I only need to apply one rule to the source interface, as
below:
access-list dmz_v904 permit tcp object-group vpn-pool host A.A.A.A eq
60199
This should forward all permitted source subnet traffic on TCP 60199 to
the destination A.A.A.A server on the inside interface.
- PIX Port Forwarding Problem (Routers) by Cisco Newbie
- troubleshoot port forwarding problem (Routers) by Steve Richter
- PIX 515 : Problem with port forwarding (Routers) by Renaud
- Port forwarding on Conexant 4 port adsl router (Internet & Broadband) by Graham Russell
- Port forwarding on Conexant 4 port adsl router (Internet & Broadband) by Graham Russell
