Re: Cisco PIX 501
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


comp.security.firewalls archive

Re: Cisco PIX 501

From: Walter Roberson <roberson@ibd.nrc-cnrc.gc.ca>
Date: Wed Sep 14 2005 - 19:26:45 CEST



In article <Gcadne7xUamHyLXenZ2dnUVZ_s6dnZ2d@giganews.com>,


Shadus  <shadus@shadus.org> wrote:


:I'm presently trying to setup a cisco pix 501 to forward a range of


:ports to a host on the inside.



:192.168.100.200 needs to have several ports forwarded along to it.  


:I've tried a couple different methods but everytime it comes back 


:to setting a static up for each individual port... for obvious 


:reasons when dealing with ~120 ports this sucks.



That's the only supported PIX 6.x method for specifying port forwarding.



:The basics are: I need ports 6881-6999, 6112, 3724 forwarded to


:192.168.100.200 and I dont want to do ~120 lines of static port mappings



Then you will need to get a second IP address and map all of that IP to


192.168.100.200 .



:PIX Version 6.3(3)



There is a security problem in 6.3(3), fixed in 6.3(4). The upgrade


is free. The current release is 6.3(5), a bug-fix release (upgrade


to it might not be free.)



-- 
  "This was a Golden Age, a time of high adventure, rich living and
  hard dying... but nobody thought so."      -- Alfred Bester, TSMD


Received on Thu Sep 29 20:07:41 2005