I am trying to statically nat a Citrix MetaFrame XP server thru a PIX 506 firewall. I can ping the natted address on the outside but cannot access the Citrix server with the ICA client or the Terminal services client. I have the followint access rules set up on the PIX. access-list acl_out permit tcp any host 12.x.x.98 eq smtp access-list acl_out permit icmp any any access-list acl_out permit tcp any host 12.x.x.101 eq www access-list acl-out permit tcp any host 12.x.x.102 access-list acl-out permit udp any host 12.x.x.102 access-list acl-out permit tcp any host 12.x.x.102 eq www access-list acl-out permit tcp any host 12.x.x.102 eq 1494 access-list acl-out permit udp any host 12..x.102 eq 1494
I did a log on the PIX and received the followint entry. 106023: Deny tcp src outside:206.x.x.247/3237 dst inside:12.x.x.102/1494 by access-group "acl_out" The PIX firmware rev is 5.2(5) _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
