Re: Port redirection on a PIX [7:73065]
What about changing INTERFACE OUTSIDE to your NATed outside IP address? NetEng wrote in message news:[EMAIL PROTECTED] I get the error Invalid global IP address OUTSIDE. I also tried it w/o 'interface'. If you can offfer any more help I would appreciate it as I really need to get this fixed. Thanks. Robert Edmonds wrote in message news:[EMAIL PROTECTED] With regards to these two lines: static (inside,outside) tcp interface ftp 192.168.0.1 ftp netmask 255.255.255.255 0 0 static (inside,outside) tcp interface www 192.168.0.1 www netmask 255.255.255.255 0 0 I believe they should read: static (inside, outside) tcp interface OUTSIDE ftp 192.168.0.1 ftp netmask 255.255.255.255 static (inside, outside) tcp interface OUTSIDE ftp 192.168.0.1 ftp netmask 255.255.255.255 If I am wrong, I'm sure I will be severely reprimanded...I mean corrected. NetEng wrote in message news:[EMAIL PROTECTED] I am still not able to connect to my web and ftp services. I have pasted the relative info below. Am I missing something or do is my config wrong? : PIX Version 6.1(3) nameif ethernet0 outside security0 nameif ethernet1 inside security100 access-list 101 permit icmp any any unreachable access-list 101 permit icmp any any time-exceeded access-list 101 permit icmp any any echo-reply access-list 102 permit tcp any any eq ftp access-list 102 permit tcp any any eq www pager lines 24 interface ethernet0 10baset interface ethernet1 10full mtu outside 1500 mtu inside 1500 ip address outside dhcp setroute ip address inside 192.168.0.100 255.255.255.0 global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 0 0 static (inside,outside) tcp interface ftp 192.168.0.1 ftp netmask 255.255.255.255 0 0 static (inside,outside) tcp interface www 192.168.0.1 www netmask 255.255.255.255 0 0 access-group 102 in interface outside Thanks for the help so far Scott wrote in message news:[EMAIL PROTECTED] static (inside,outside) tcp interface ftp 10.1.1.3 ftp netmask 255.255.255.255 0 0 Scott NetEng wrote in message news:[EMAIL PROTECTED] I'm trying to do port redirection on my PIX and here's the example from Cisco. My problem is my outside interface is set for DHCP. How do I change the command to reflect a dynamic outside address? static (inside,outside) tcp 172.18.124.99 ftp 10.1.1.3 ftp netmask 255.255.255.255 0 0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73537t=73065 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Port redirection on a PIX [7:73065]
I don't know about severely, but you are wrong. To do dynamic PAT you use the keyword interface. You don't have to specify the interface name outside because PAT is only supported on the outside interface. The config looks good to me. This may sound stupid, but are the default routes on the FTP and WWW servers set correctly? Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Robert Edmonds [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2003 10:20 AM To: [EMAIL PROTECTED] Subject: Re: Port redirection on a PIX [7:73065] With regards to these two lines: static (inside,outside) tcp interface ftp 192.168.0.1 ftp netmask 255.255.255.255 0 0 static (inside,outside) tcp interface www 192.168.0.1 www netmask 255.255.255.255 0 0 I believe they should read: static (inside, outside) tcp interface OUTSIDE ftp 192.168.0.1 ftp netmask 255.255.255.255 static (inside, outside) tcp interface OUTSIDE ftp 192.168.0.1 ftp netmask 255.255.255.255 If I am wrong, I'm sure I will be severely reprimanded...I mean corrected. NetEng wrote in message news:[EMAIL PROTECTED] I am still not able to connect to my web and ftp services. I have pasted the relative info below. Am I missing something or do is my config wrong? : PIX Version 6.1(3) nameif ethernet0 outside security0 nameif ethernet1 inside security100 access-list 101 permit icmp any any unreachable access-list 101 permit icmp any any time-exceeded access-list 101 permit icmp any any echo-reply access-list 102 permit tcp any any eq ftp access-list 102 permit tcp any any eq www pager lines 24 interface ethernet0 10baset interface ethernet1 10full mtu outside 1500 mtu inside 1500 ip address outside dhcp setroute ip address inside 192.168.0.100 255.255.255.0 global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 0 0 static (inside,outside) tcp interface ftp 192.168.0.1 ftp netmask 255.255.255.255 0 0 static (inside,outside) tcp interface www 192.168.0.1 www netmask 255.255.255.255 0 0 access-group 102 in interface outside Thanks for the help so far Scott wrote in message news:[EMAIL PROTECTED] static (inside,outside) tcp interface ftp 10.1.1.3 ftp netmask 255.255.255.255 0 0 Scott NetEng wrote in message news:[EMAIL PROTECTED] I'm trying to do port redirection on my PIX and here's the example from Cisco. My problem is my outside interface is set for DHCP. How do I change the command to reflect a dynamic outside address? static (inside,outside) tcp 172.18.124.99 ftp 10.1.1.3 ftp netmask 255.255.255.255 0 0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73690t=73065 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Port redirection on a PIX [7:73065]
With regards to these two lines: static (inside,outside) tcp interface ftp 192.168.0.1 ftp netmask 255.255.255.255 0 0 static (inside,outside) tcp interface www 192.168.0.1 www netmask 255.255.255.255 0 0 I believe they should read: static (inside, outside) tcp interface OUTSIDE ftp 192.168.0.1 ftp netmask 255.255.255.255 static (inside, outside) tcp interface OUTSIDE ftp 192.168.0.1 ftp netmask 255.255.255.255 If I am wrong, I'm sure I will be severely reprimanded...I mean corrected. NetEng wrote in message news:[EMAIL PROTECTED] I am still not able to connect to my web and ftp services. I have pasted the relative info below. Am I missing something or do is my config wrong? : PIX Version 6.1(3) nameif ethernet0 outside security0 nameif ethernet1 inside security100 access-list 101 permit icmp any any unreachable access-list 101 permit icmp any any time-exceeded access-list 101 permit icmp any any echo-reply access-list 102 permit tcp any any eq ftp access-list 102 permit tcp any any eq www pager lines 24 interface ethernet0 10baset interface ethernet1 10full mtu outside 1500 mtu inside 1500 ip address outside dhcp setroute ip address inside 192.168.0.100 255.255.255.0 global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 0 0 static (inside,outside) tcp interface ftp 192.168.0.1 ftp netmask 255.255.255.255 0 0 static (inside,outside) tcp interface www 192.168.0.1 www netmask 255.255.255.255 0 0 access-group 102 in interface outside Thanks for the help so far Scott wrote in message news:[EMAIL PROTECTED] static (inside,outside) tcp interface ftp 10.1.1.3 ftp netmask 255.255.255.255 0 0 Scott NetEng wrote in message news:[EMAIL PROTECTED] I'm trying to do port redirection on my PIX and here's the example from Cisco. My problem is my outside interface is set for DHCP. How do I change the command to reflect a dynamic outside address? static (inside,outside) tcp 172.18.124.99 ftp 10.1.1.3 ftp netmask 255.255.255.255 0 0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73104t=73065 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Port redirection on a PIX [7:73065]
I get the error Invalid global IP address OUTSIDE. I also tried it w/o 'interface'. If you can offfer any more help I would appreciate it as I really need to get this fixed. Thanks. Robert Edmonds wrote in message news:[EMAIL PROTECTED] With regards to these two lines: static (inside,outside) tcp interface ftp 192.168.0.1 ftp netmask 255.255.255.255 0 0 static (inside,outside) tcp interface www 192.168.0.1 www netmask 255.255.255.255 0 0 I believe they should read: static (inside, outside) tcp interface OUTSIDE ftp 192.168.0.1 ftp netmask 255.255.255.255 static (inside, outside) tcp interface OUTSIDE ftp 192.168.0.1 ftp netmask 255.255.255.255 If I am wrong, I'm sure I will be severely reprimanded...I mean corrected. NetEng wrote in message news:[EMAIL PROTECTED] I am still not able to connect to my web and ftp services. I have pasted the relative info below. Am I missing something or do is my config wrong? : PIX Version 6.1(3) nameif ethernet0 outside security0 nameif ethernet1 inside security100 access-list 101 permit icmp any any unreachable access-list 101 permit icmp any any time-exceeded access-list 101 permit icmp any any echo-reply access-list 102 permit tcp any any eq ftp access-list 102 permit tcp any any eq www pager lines 24 interface ethernet0 10baset interface ethernet1 10full mtu outside 1500 mtu inside 1500 ip address outside dhcp setroute ip address inside 192.168.0.100 255.255.255.0 global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 0 0 static (inside,outside) tcp interface ftp 192.168.0.1 ftp netmask 255.255.255.255 0 0 static (inside,outside) tcp interface www 192.168.0.1 www netmask 255.255.255.255 0 0 access-group 102 in interface outside Thanks for the help so far Scott wrote in message news:[EMAIL PROTECTED] static (inside,outside) tcp interface ftp 10.1.1.3 ftp netmask 255.255.255.255 0 0 Scott NetEng wrote in message news:[EMAIL PROTECTED] I'm trying to do port redirection on my PIX and here's the example from Cisco. My problem is my outside interface is set for DHCP. How do I change the command to reflect a dynamic outside address? static (inside,outside) tcp 172.18.124.99 ftp 10.1.1.3 ftp netmask 255.255.255.255 0 0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73112t=73065 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Port redirection on a PIX [7:73065]
static (inside,outside) tcp interface ftp 10.1.1.3 ftp netmask 255.255.255.255 0 0 Scott NetEng wrote in message news:[EMAIL PROTECTED] I'm trying to do port redirection on my PIX and here's the example from Cisco. My problem is my outside interface is set for DHCP. How do I change the command to reflect a dynamic outside address? static (inside,outside) tcp 172.18.124.99 ftp 10.1.1.3 ftp netmask 255.255.255.255 0 0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73067t=73065 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Port redirection on a PIX [7:73065]
I'm trying to do port redirection on my PIX and here's the example from Cisco. My problem is my outside interface is set for DHCP. How do I change the command to reflect a dynamic outside address? static (inside,outside) tcp 172.18.124.99 ftp 10.1.1.3 ftp netmask 255.255.255.255 0 0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73065t=73065 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Port redirection on a PIX [7:73065]
I am still not able to connect to my web and ftp services. I have pasted the relative info below. Am I missing something or do is my config wrong? : PIX Version 6.1(3) nameif ethernet0 outside security0 nameif ethernet1 inside security100 access-list 101 permit icmp any any unreachable access-list 101 permit icmp any any time-exceeded access-list 101 permit icmp any any echo-reply access-list 102 permit tcp any any eq ftp access-list 102 permit tcp any any eq www pager lines 24 interface ethernet0 10baset interface ethernet1 10full mtu outside 1500 mtu inside 1500 ip address outside dhcp setroute ip address inside 192.168.0.100 255.255.255.0 global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 0 0 static (inside,outside) tcp interface ftp 192.168.0.1 ftp netmask 255.255.255.255 0 0 static (inside,outside) tcp interface www 192.168.0.1 www netmask 255.255.255.255 0 0 access-group 102 in interface outside Thanks for the help so far Scott wrote in message news:[EMAIL PROTECTED] static (inside,outside) tcp interface ftp 10.1.1.3 ftp netmask 255.255.255.255 0 0 Scott NetEng wrote in message news:[EMAIL PROTECTED] I'm trying to do port redirection on my PIX and here's the example from Cisco. My problem is my outside interface is set for DHCP. How do I change the command to reflect a dynamic outside address? static (inside,outside) tcp 172.18.124.99 ftp 10.1.1.3 ftp netmask 255.255.255.255 0 0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73069t=73065 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]