Hi, You need to add a static statement to the internal server but something that goes like that: Static (inside,outside/dmz-I didn't really understood from you mail where it is located) 10.10.1.150 10.10.1.150. The conduit you already have. The static statement that I wrote actually say that IP address can be reach but the appropriate conduit. This is the way I usually do it. GIL CCNA,CCDA -----Original Message----- From: SH Wesson [mailto:[EMAIL PROTECTED]] Sent: ??? ??? 11 ?????? 2000 13:14 To: [EMAIL PROTECTED] Subject: pix I am using a Cisco PIX 520 with an inside interface and an outside interface. I have the following scenario: Internal server has an address of 10.10.1.150, the external server has an ip address of 128.200.111.100. The external server is in the dmz zone. The internal server has been assigned a global address 0f 128.200.111.150 that maps to the inside server of ip address 10.10.1.150. I want the external server of 128.200.111.100 to be able to communicate with the inside server only through port 135. I assigned a static ip address to the inside host with the following command: static (inside,outside) 128.200.111.150 10.10.1.150 netmask 255.255.255.255 0 0 I assigned the permission for the external server to be able to access the inside server only via port 135 using the following command. conduit permit tcp host 128.200.111.100 eq 135 host 128.200.111.150 eq 135 Is this the right way of doing it? If I'm doing it wrong, can someone show me how to do this. Thanks. _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _________________________________ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] This email was scanned using ESPG @ PubliCom Haifa. **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _________________________________ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]