Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations biv343 on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PIX501 static routes

Status
Not open for further replies.
pointer434

pointer434

IS-IT--Management
Apr 9, 2003
18
US
Ooops, i posted this in the Router section by mistake so here goes...

I have a PIX 501 and am tring to add a static route for a PC anywhere connection so that a remote tech can access a server on my LAN>

The actuall access lists went in with no problem but i ran aground when tring to put in a static route to compliment the ACL.

The local ip option is the problem and i keep getting an error that says "invalid hostname" I have tried using the actual IP of the internal machine and the hostname and continue to get the error each time.

Previously, several of these connections were set up and i see how they were put in but when i try to duplicate other existing static mappings, replacing the old hostname with the new hostname; and using the new desired ports for udp and tcp, i get the error "invalid hostname"

Any help would be appreciated.


 
Sort by date Sort by votes
Could you show what command you are using and the syntax you are using.
 
Upvote 0 Downvote
Sure bell1996,

There are already routes in that look like this, actually, there are 4 for each device. Data and status ports, (2 port numbers per device) UDP and TCP on each one

ie.. tcp 6661 udp 6661 tcp 6662 udp 6662

Below is an actual static route from the config...

static (inside,outside) tcp interface 6661 Malibu 6661 netmask 255.255.255.255 0 0

The first thing that i tried was this,

static (inside,outside) tcp interface 6998 lightspeed2 6998 netmask 255.255.255.255 0 0

When i do this i get "invalid host" so then i tried the actual IP rather than the host name, replacing lightspeed with 10.x.x.x and it returned "invalid host name again.

Now the Cisco "controling network and access guide" shows a sytax of

Static [ (internal_if_name, external_if_name) ] global_ip [netmask network_mask] [max_cons}

Now i do not know what they mean by global IP or Max_cons. and i tried various other combinations but none will go in. The acual ACL's for these connections went in with no problem at all but the static routes are being mean.

Thanks in advance for any help that you can offer...
 
Upvote 0 Downvote
I can't get my pix to produce an "invalid host" error by entering your command. Even if i have no name to ip mapping for lightspeed2, I get "invalid local IP address lightspeed2".

If i misspell "interface" as "interfaec", as a test, I get "invalid global IP address interfaec" error.

If you literally copy and paste the command you posted here into configure mode on your pix, ie;

static (inside,outside) tcp interface 6998 lightspeed2 6998 netmask 255.255.255.255 0 0

and get an "invalid host" error, i'm quite puzzled as to what could be causing it. The command syntax is correct. Even if you had a previous rule mapping that port through you would get a different error message about a conflicting static rule.

Perhaps you could post the rest of your config?

CCNA, MCSE, Cisco Firewall specialist, VPN specialist, wannabe CCSP ;)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

intel233
  • Locked
  • Question
Cisco ASA 5510 -Static NAT Help
Replies
8
Views
739
intel233
intel233
RMurr34
  • Locked
  • Question
No Internet Access if no static map
Replies
0
Views
113
RMurr34
RMurr34
tajk
  • Locked
  • Question
Error: Static overlaps on PIX-515e
Replies
0
Views
102
tajk
tajk
basherpt
  • Locked
  • Question
2 static routes in ASA 5500
Replies
4
Views
92
unclerico
unclerico
dpoynter01
  • Locked
  • Question
ASA 5505 Internet Static IP
Replies
2
Views
102
dpoynter01
dpoynter01

Part and Inventory Search

Sponsor

Back
Top