[c-nsp] PIX NAT traversal issue
James Sneeringer
jsneeringer at jupiterimages.com
Tue Nov 14 11:18:18 EST 2006
On November 14, 2006, FAHAD ALI KHAN wrote:
> I have successfully configured this using static NAT as
>
> *static (inside,outside) tcp X.X.X.X 80 Z.Z.Z.Z 1720 nemask
> 255.255.255.2550 0
> *
> **
> Call has been successfully terminated from internet to my PC
> but i got stucked in NAT traversal issue (as i found it on internet).
> This call is one way only i.e. voice media packets goes only
> from inside to outside but not vice versa.
You probably need to put an access-list on the outside interface to
allow inbound traffic on port 80. The static entry only affects NAT
and does not do anything with security policy. Maybe something like
this:
access-list acl_outside permit tcp any host X.X.X.X eq 80
access-group acl_outside in interface outside
-James
More information about the cisco-nsp
mailing list