Re: Pix port TELNET redirect [7:64764]

Sat, 08 Mar 2003 08:48:59 -0800 

Jojo,

I didn't see the ACL applied to the interface; also, make sure you execute
"clear xlate" after this.

Cheers!
--

Richard A. Deal

Visit my home page at http://home.cfl.rr.com/dealgroup/

Author of Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP Remote Access
Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch Configuration
Exam Cram

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market.



""jojo""  wrote in message
news:[EMAIL PROTECTED]
> Im trying to redirect telnet traffic from the pix to my Cisco 2511
> terminal server so I can access the devices over the internet.
> I checked the previous post and tried to configure the Pix.  However the
> traffic gets denied according to my syslog server.
>
> Any help will be appreciated.
>
> JB
>
>
> PC---------INTERNET--------------CABLE/MODEM------------PIX501----------
> ---HUB---------TERMINAL SERVER
>
>
>  PIX501(config)# sh config
> : Saved
> :
> PIX Version 6.1(4)
> nameif ethernet0 outside security0
> nameif ethernet1 inside security100
> enable password 2KFQnbNIdI.2KYOU encrypted
> passwd 2KFQnbNIdI.2KYOU encrypted
> hostname PIX501
> domain-name ciscopix.com
> fixup protocol ftp 21
> fixup protocol http 80
> fixup protocol h323 1720
> fixup protocol rsh 514
> fixup protocol rtsp 554
> fixup protocol smtp 25
> fixup protocol sqlnet 1521
> fixup protocol sip 5060
> fixup protocol skinny 2000
> names
> access-list inbound permit icmp any any
> access-list 101 permit tcp any host 122.249.200.190 eq telnet
> pager lines 24
> logging on
> logging timestamp
> logging trap notifications
> logging host inside 192.168.1.20
> interface ethernet0 10baset
> interface ethernet1 10full
> mtu outside 1500
> mtu inside 1500
> ip address outside dhcp setroute
> ip address inside 192.168.1.1 255.255.255.0
> ip audit info action alarm
> ip audit attack action alarm
> pdm location 192.168.1.5 255.255.255.255 inside
> pdm location 192.168.1.20 255.255.255.255 inside
> pdm logging informational 100
> pdm history enable
> arp timeout 14400
> global (outside) 1 interface
> nat (inside) 1 0.0.0.0 0.0.0.0 0 0
> static (inside,outside) tcp 122.249.200.190 telnet 192.168.1.5 telnet
> netmask 255.255.255.255 0 0
> route outside 0.0.0.0 0.0.0.0 12.249.200.1 1
> timeout xlate 3:00:00
> timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323
> 0:05:00 sip 0:30:00 sip_media 0:02:00
> timeout uauth 0:05:00 absolute
> aaa-server TACACS+ protocol tacacs+
> aaa-server RADIUS protocol radius
> http server enable
> http 192.168.1.0 255.255.255.0 inside
> no snmp-server location
> no snmp-server contact
> snmp-server community public
> no snmp-server enable traps
> floodguard enable
> no sysopt route dnat
> telnet timeout 5
> ssh timeout 5
> dhcpd lease 3600
> dhcpd ping_timeout 750
> terminal width 100
> Cryptochecksum:69c02ec0dda407600fb27cb80979fcad
> PIX501(config)#




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=64830&t=64764
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to