Andrew,<div><br></div><div>I don't know a lot about PIX 6.x releases. But with 7.x or higher you can do this really easy.</div><div><br></div><div><div><span class="Apple-style-span" style="font-family: monospace; font-size: 13px; white-space: pre; -webkit-border-horizontal-spacing: 1px; -webkit-border-vertical-spacing: 1px; ">static (inside,outside) tcp <public-ip-address> telnet <private-ip-address> telnet netmask 255.255.255.255 </span></div>
<div><br></div><div>You can also refer to an public IP address interface instead of an static IP address with interface keyword. Refer to command reference: </div><div><a href="http://www.cisco.com/en/US/docs/security/asa/asa70/command/reference/s.html#wp1540284">http://www.cisco.com/en/US/docs/security/asa/asa70/command/reference/s.html#wp1540284</a></div>
<div><br></div><div>I also find a document on Cisco Website. It might be helpful</div></div><div><a href="http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00804708b4.shtml#t10">http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00804708b4.shtml#t10</a></div>
<div><br></div><div><font class="Apple-style-span" face="monospace"><span class="Apple-style-span" style="white-space: pre; -webkit-border-horizontal-spacing: 1px; -webkit-border-vertical-spacing: 1px; "><font class="Apple-style-span" face="arial"><span class="Apple-style-span" style="white-space: normal; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px;">Another resource at: <a href="http://www.tech-recipes.com/rx/711/port-redirect-to-inside-host-on-a-cisco-pix-firewall/">http://www.tech-recipes.com/rx/711/port-redirect-to-inside-host-on-a-cisco-pix-firewall/</a></span></font></span></font></div>
<div><font class="Apple-style-span" face="monospace"><span class="Apple-style-span" style="white-space: pre; -webkit-border-horizontal-spacing: 1px; -webkit-border-vertical-spacing: 1px; "><br></span></font></div><div><br>
</div><div>I hope this helps!</div><div><br></div><div>Regards,</div><div>Khalid</div><div><br><div class="gmail_quote">On Sun, Oct 18, 2009 at 7:28 PM, Andrew Waddle <span dir="ltr"><<a href="mailto:anacomm@gmail.com">anacomm@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div>Hello everyone!</div>
<div> I have a pix 501 at the front of my network at home, with my uc500 directly behind it, I use port 22 to ssh into my pix from the outside, but I also what to ssh into my uc500 that's behind my pix, I only have one public IP address so i think i need to use some form of port forwarding or redirection of some sort. my thoughts were to redirect port 2222 from my pix to the outside interface of my uc500, that way whenever I try to ssh using port 2222 my pix will redirect that port to the uc500...<br>
<br>another question is once port 2222 is redirect to the uc500, i need some way of the uc500 knowing that port 2222 should be used for an ssh connection</div>
<div> </div>
<div>any help would be greatly appreciated </div>
<div></div><br><font color="#888888">-- <br>Andrew Waddle<br>Anacomm@Gmail.com<br>
</font><br>_______________________________________________<br>
cisco-voip mailing list<br>
<a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br>
<a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><br><br></blockquote></div>
</div>