From: mani poopal (mani_ccie@yahoo.com)
Date: Mon Oct 03 2005 - 15:07:28 GMT-3
Hi Harri Makela,
Try this sample config, it should help understand port redirection. you can use the same public ip for port redirection. Instead of conduit you can use access-list/access-group combination. I used imaginary public ip addresses. In the example if anybody comes in port 2323 they will be directed to a dmz server on port 23 etc.(you can use the same port eg:23 to 23)
=====================================
static (dmz,outside) tcp 66.229.117.180 2323 192.168.1.100 telnet netmask 255.255.255.255 0 0
static (dmz,outside) tcp 66.229.117.180 2324 192.168.1.139 telnet netmask 255.255.255.255 0 0
conduit permit tcp host 66.229.117.180 eq 2323 any
conduit permit tcp host 66.229.117.180 eq 2324 any
======================================
Mani
Harri Makela <harri_makela@yahoo.com> wrote:
Hi Group,
Can anyone please advice.
Thanks in advance !
HM
Harri Makela wrote:
Hello,
We have a client and their customers are accessing an application from their DMZ . Sometimes customers are compolaining that they can`t access the application.
Current scenario = Public ---> Port ABC ---> DMZ -
Required (Wishing to confirm if its possible or not in addition to current scenario).
Public ----> Add an additional port XYZ ----> Redirect the traffic to Port ABC ----> DMZ
They are using PIX 515-E.
Any advice will be highly appreciated.
Many Thanks
HM
---------------------------------
Yahoo! for Good
Click here to donate to the Hurricane Katrina relief effort.
---------------------------------
Yahoo! for Good
Click here to donate to the Hurricane Katrina relief effort.
This archive was generated by hypermail 2.1.4 : Sun Nov 06 2005 - 22:00:49 GMT-3