A Chrismas Gift : a PIX 501 but....

[Lalsacien]

Hello,

I have now for my home a PIX 501 connected to a cable modem with dynamic ip address. All works fine. I used PDM to install the box, and I'm working the implicit access rules with the PAT translation. (pix version 6.3(3) PDM 3.0(1))

Now I would like again to use my radio-ham software that need these rules :

Allow UDP (source port any, destination ports 5198-5199) from Internet to PC
Allow UDP (source port any, destination ports 5198-5199) from PC to Internet
Allow TCP (source port any, destination port 5200) from PC to Internet

Could someone tells me how to give to the Pix these rules, specially the first one, an inbound from Internet ?
Or perhaps shows me the rules I need to write in the conf t.

Thanks for helps, I'm just a newbie in Pix programming, so I don't know much about, and the books are very "heavy"

Best Regards
Lal

 

[kmills]

Lalsacien,
Sounds like you had a good Holiday!
It sounds like you are familiar with firewalls. You can actually add those configurations in the PDM. Just click on the Configuration tab, then right click in the box that shows your configuration. Select Add. A config dialog box pops up so you can add whatever ports you need. I always include a description.
Kyra

 

[Lalsacien]

Kmills,

Thanks for you answer. I tried to put access rules with PDM, for the tests I have now these :

Source Destination Interface Service
any any inside(outbound) ip
any any outside ip


With these rules, I just wanna see if I can open all outside services.

On the syslog I ever have this message :

:%PIX-7-710005: UDP request discarded from xxx.xxx.xxx.xxx/5199 to outside:yyy.yyy.yyy.yyy/5198

Could you tell me what's wrong ? I suppose there is a Nat trouble.

Thanks for Help !!
Best Regards
Lal

 

[Lalsacien]

Hello,

I found the solution.
I use these differents keywords :

access-list
access-group
static

Now it's OK.

Best Regards and Happy New Year 2004.

Lal