Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PIX 501, DHCP, PCANYWARE 1

Status
Not open for further replies.
Kaboum

Kaboum

IS-IT--Management
Jan 3, 2003
5
CY
Hi,
In my office i have a PIX 501 where it's WAN port is connected on my Alcatel Speed Touch modem and receives through my ISP DHCP server an IP of range 10.110.x.x,my public IP which is dynamic as well is 213.x.x.x

Now I want to open the PCanyware ports 5631,5632 on the PIX in order i will be able to access from home, my office computer located behind the PIX on he private IP 192.168.10.10

My PIX 501 Version is 6.1(2).

I found some things about Access-list, Access-group commands but to be honest i'm confused..... I’ will really appreciate if someone can enlighten me with some examples on how this commands can be used correctly in my case.


Thanks in advance

Kaboum [yinyang]
 
Sort by date Sort by votes
HI.

First - you should remeber that if you don't sepcify IP address for the remote computer (your home PC), it means that once PCAW access is open, anyone on the Internet can access it, and some will also try to.
So - you must first decide if you want this option, and if so, you should have strong authentication, auditing (logging) and control using your PCAW options built in the software itself.

For the pix configuration, you can try something like this.
First, get the pix current configuration.
If you currently have an access-list bound to the outside interface, add statements to it. If not, then you create a new access-list.

This is how you can create a new one:
access-list fromoutside permit tcp any any eq 5631
access-list fromoutside permit udp any any eq 5632
access-group fromoutside in interface outside

And you will need to port forward from the pix single ip address to the internal PCAW host. It can be done like this:
static (inside,outside) tcp interface 5631 192.168.10.10 5631
static (inside,outside) udp interface 5631 192.168.10.10 5632

Since you do not have a static ip, create on your office workstation a shortcut/link to:
And check it before you leave the office.

A better option is to get a range of fix registered ip addresses from your ISP instead of using a single dynamic ip address. For this, the pix configuration is different.

Bye
Yizhar Hurwitz
 
Upvote 0 Downvote
Hi, yizhar

Thanks mate, your answer was spot on, i already implement it and PIX working just fine.....

Again, Thanks.

Regards

Kaboum [thumbsup2]
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

xwray
  • Locked
  • Question
PIX 501 DHCP Server function
Replies
0
Views
110
xwray
xwray
brownmab53
  • Locked
  • Question
PIX 525 ASA not allowing DHCP addresses to pass through to router
Replies
0
Views
152
brownmab53
brownmab53
quazimotto
  • Locked
  • Question
Correct Upgrade Path for PIX
Replies
7
Views
220
quazimotto
quazimotto
quazimotto
  • Locked
  • Question
Ping thru PIX to subnet inside??!!
Replies
0
Views
94
quazimotto
quazimotto
hall5942
  • Locked
  • Question
Site to Site VPN with Cisco 881 and PIX
Replies
0
Views
90
hall5942
hall5942

Part and Inventory Search

Sponsor

Back
Top