I am assuming that you only have this one service behind the PIX or do you have multiple servers behind the PIX? I would like to see a config of multiple servers behind a PIX - utilizing only "1" external IP address.
Tim -----Original Message----- From: mike greenberg [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 9:52 PM To: [EMAIL PROTECTED] Subject: Re: How to make real player from outside to contact real [7:53586] Ok, the solution is very simple one. I know this will work because I running my RealPlayer Helix Universal Streaming Server version 9.0.1 on my Linux box behind a Pix firewall. The linux box has an RFC 1918 address (192.168.1.100) sitting on the DMZ network (192.168.1.254 is IP address of the DMZ interface on the PIX). The 192.168.1.100 is NATed to the public with 199.0.56.293 On the pix firewall: static (inside,dmz) 199.0.56.293 192.168.1.100 access-list 100 permit tcp any host 199.0.56.293 eq 8080 (if http is running on here) access-list 100 permit tcp any host 199.0.56.293 eq 7070 access-list 100 permit udp any host 199.0.56.293 eq 554 access-list 100 permit tcp any host 199.0.56.293 eq 9090 (monitor only) access-group 100 in interface outside Now, since the actual streaming server is behind the Pix firewall, you will have to modify the streaming server configuration file to make it work. Add the following line to the rmserver.cfg file: Restart the streaming server. Now from one of the workstation on the outside Pix firewall, fireup RealPlayer and put the following in the URL: rtsp://199.0.56.293:554/sex.mpg It will work.... You can make it work from clicking the link in the web browser; however, I don't have to go over it here. Enjoy!!!! Now, this is something a CCIE doesn't know how to fix. Mike "Magdy H. Ibrahim" wrote:Hi All, I have a client wants to create Real server behind Pix firewall and I am trying to make the outside real player to contact the inside server but I failed.. Is there any extra commands more than the following commands on the PIX to allow the ourside clients to communicate with the inside server?? Please advise help me.... the PIX configuration..... fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 1720 fixup protocol rsh 514 fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol sip 5060 no fixup protocol skinny 2000 fixup protocol rtsp 554 fixup protocol rtsp 8554 names FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] --------------------------------- Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=53617&t=53617 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
