[nsp] PIX Static/ACL
Robert Crowe
rwcrowe at comcast.net
Wed Jun 30 23:29:15 EDT 2004
static (inside,outside) 99.99.99.99 172.18.x.x
access-list acl_in permit any host 99.99.99.99 eq 80
access-group acl_in interface outside_interface
- 99.99.99.99 represents your public IP you want to NAT to
- 172.18.0.0 represents the private IP you want NATT'd out
- access-list acl_in is the inbound access-list from the internet
- access-group command applies acl to outside interface
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Tony Mucker
Sent: Wednesday, June 30, 2004 8:42 PM
To: cisco-nsp at puck.nether.net
Subject: [nsp] PIX Static/ACL
Quick question,
My PIX sits between my public side and my private side (172.16.0.X).
There's also a Layer 3 Router on my private side (172.16.0.X), that's
then connected to my lab (172.18.0.X), as well as a few other places.
What do I need to do to have a machine in the lab be visible on port 80
from the outside world? I've already tried the static (high,low) low
high with an ACL, but that doesn't seem to work.
It used to work fine with the Checkpoint I had, but that got replaced in
favor of the PIX last weekend...
Thanks
Tony
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list