Port Forwarding

[Roots000]

Hi,
I having trouble creating port forwarding rules with my pix 501. I have attempted using the access list and creating a rule like:

access-list fromoutside permit tcp any host 192.168.1.x eq 113
access-group fromoutside in interface outside

With no luck. I cant use the PDM, as i am still running version 1.1 . I’ve managed to find version 6.3(1) of the ios and installed this. This made the pix useable. I cannot upgrade from this Cisco site because when ever i login to do this i get there are no downloads available. If someone could also provide me with links to download the latest ios and PDM i would be eternally grateful.

Regards
Tim

 

[bradx]

Where did you find 6.3(1)? I have been looking everywhere. If you could provide me a link that would be great.

Thanks

 

[Roots000]

h**p://

http://www.onos.co.uk/pix631.bin

Enjoye

There must be someone out there with the latest PIX IOS and PDM. Come on ppl

 

[chicocouk]

Pix OS downloads and pdm available at

http://www.cisco.com/cgi-bin/tablebuild.pl/pix

With your port forwarding, the ACL has to allow traffic to the OUTSIDE interface of your pix, not the mapped internal ip. Then you also need a static route mapping that port on the outside interface to the related port on the internal machine

IE, if your external address is 99.99.99.99, and the machine you want to map port 113 to is on an ip of 192.168.1.2, then you would do the following

access-list fromoutside permit tcp any host 99.99.99.99 eq 113
access-group fromoutside in interface outside

static (inside,outside) tcp 99.99.99.99 113 10.1.16.2 113 netmask 255.255.255.255 0 0

Chico