Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Port Forwarding on PIX 501 v 6.3.3

Status
Not open for further replies.
nelifecare

nelifecare

MIS
Aug 21, 2006
118
US
Hi,

I would like to port forward my Outside interface to an inside server. I can port forward individual ports without issue. I would like to know how to port forward a range.

Example:

object-group service Group1_TCP tcp
port-object eq h323
port-object range 5555 6555
port-object eq www
port-object eq https
port-object eq 5060
object-group service Group1_UDP udp
port-object eq 1719
port-object range 2326 3253
port-object eq 5060

access-list acl_outside permit udp host 65.202.44.2 object-group Group1_UDP any
access-list acl_outside permit tcp host 65.202.44.2 object-group Group1_TCP any

ip address outside xx.xx.xx.2 255.255.255.252
ip address inside 192.168.30.11 255.255.255.0

static (inside,outside) tcp interface 8000 192.168.30.8 255.255.255.255 0 0
static (inside,outside) tcp interface https 192.168.30.75 https netmask 255.255.255.255 0 0
static (inside,outside) tcp interface 255.255.255.255 0 0
static (inside,outside) tcp interface h323 192.168.30.75 h323 netmask 255.255.255.255 0 0
static (inside,outside) tcp interface 5555 192.168.30.75 5555 netmask 255.255.255.255 0 0
static (inside,outside) udp interface 2326 192.168.30.75 2326 netmask 255.255.255.255 0 0
access-group acl_outside in interface outside


I don't want to add separate lines for ports in range 5555 - 6555

Thanks
 
Sort by date Sort by votes
unfortunately, you've got to do it for each port

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
I agree with Unclerico completely, but if you have multiple public ips to play with, you could forward one external ip to your private ip, therefore automatically forwarding all the ports.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

XLNTech1
  • Locked
  • Question
iptables port forwarding
Replies
0
Views
286
XLNTech1
XLNTech1
Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
323
Sameer258
Sameer258
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
336
Johnkite
Johnkite
xwray
  • Locked
  • Question
PIX 501 DHCP Server function
Replies
0
Views
68
xwray
xwray
PauS0n
  • Locked
  • Question
Need Help On Cisco ASA 5512 Running Version 9
Replies
0
Views
100
PauS0n
PauS0n

Part and Inventory Search

Sponsor

Back
Top