[c-nsp] PIX 513E - Multiple ports within static command
Paul - Talk Talk
paul.stainton at talktalk.net
Tue Feb 27 18:14:53 EST 2007
Hi,
I am trying to route SIP through our PIX513E
The goal is to..
1) allow incoming traffic on port 5060 to one LAN address e.g.
192.168.10.20
2) allow incoming traffic on ports 6000 - 6999 to another LAN address
e.g. 192.168.10.30
using..
access-list internet permit udp any host XX.XXX.XX.240 eq 5060
(inside,outside) udp XX.XXX.XX.240 5060 192.168.10.20 5060 netmask
255.255.255.255 0 0
Works for part 1
But part 2 is more difficult as
access-list internet permit udp any host XX.XXX.XX.240 range 6000 6999 - is
OK
But how do you route this to 192.168.10.30 ports 6000 6999
without 999 single entries?
Regards to all
Paul Stainton
_____
<< ella for Spam Control >> has removed 158 Spam messages and set aside 0
Newsletters for me
You can use it too - and it's FREE! www.ellaforspam.com
More information about the cisco-nsp
mailing list