I am attempting to forward port 13000 to 192.168.1.11.
I have set up 2 rules, an access-list and a static rule. I cleared the xlate; however, I still cannot get to the port from the outside.
I checked internally and confirmed the port is open and available.
Can anyone see why this is not working?
access-lists
Code:
access-list fReal-VPN_splitTunnelAcl permit ip 192.168.1.0 255.255.255.0 any
access-list inside_outbound_nat0_acl permit ip 192.168.1.0 255.255.255.0 192.168.204.0 255.255.255.0
access-list inside_outbound_nat0_acl permit ip any 192.168.0.0 255.255.255.0
access-list inside_outbound_nat0_acl permit ip any MO 255.255.255.0
access-list outside_cryptomap_dyn_20 permit ip any 192.168.204.0 255.255.255.0
access-list outside_access_in permit icmp any any
access-list outside_access_in permit udp host 207.145.49.38 host 216.216.113.139 eq snmp
access-list outside_access_in permit udp host 207.145.49.38 host 216.216.113.140 eq snmp
access-list outside_access_in permit tcp any host 192.168.1.11 eq 13000
access-list outside_access_in permit udp any host 192.168.1.11 eq 13000
access-list outside_cryptomap_10 permit ip any 192.168.0.0 255.255.255.0
access-list outside_cryptomap_30 permit ip any MO 255.255.255.0
statics
Code:
pixfirewall(config)# sh static
static (inside,outside) tcp interface 13000 192.168.1.11 13000 netmask 255.255.255.255 0 0
static (inside,outside) udp interface 13000 192.168.1.11 13000 netmask 255.255.255.255 0 0
static (inside,outside) 216.216.113.139 Switch-1 netmask 255.255.255.255 0 0
static (inside,outside) 216.216.113.140 Switch-2 netmask 255.255.255.255 0 0
nattys
Code:
nat (inside) 0 access-list inside_outbound_nat0_acl
nat (inside) 1 0.0.0.0 0.0.0.0 0 0