port forwarding on a pix router

Print Thread

Rate Thread

port forwarding on a pix router #263845 02/01/08 03:03 AM
Joined: Jul 2003 Posts: 766 CA SST Member
SST Member Joined: Jul 2003 Posts: 766 CA	Anyone know how to port forward on pix router. I can't get the volunteer network guy at my church to perform this task for me. I need a hand-full of ports forwarded for an esi voip phone for the head pastor. I don't have any experience with pix at all, well other than it's a router firewall.

Atcom VoIP Phones

Best VoIP Phones Canada

Visit Atcom to get started with your new business VoIP phone system ASAP
Turn up is quick, painless, and can often be done same day.
Let us show you how to do VoIP right, resulting in crystal clear call quality and easy-to-use features that make everyone happy!
Proudly serving Canada from coast to coast.

Re: port forwarding on a pix router #263846 02/01/08 09:59 AM
Joined: Mar 2006 Posts: 575 Hawthorne or Melville, New Yor... RobCalltrol Member
RobCalltrol Member Joined: Mar 2006 Posts: 575 Hawthorne or Melville, New Yor...	Here's the product page from Cisco, shoud give you some resources to figure it out.. https://www.cisco.com/en/US/products/hw/vpndevc/ps2030/index.html Rob Cashman Customer Support Engineer

Re: port forwarding on a pix router #263847 02/01/08 03:37 PM
Joined: Jun 2006 Posts: 318 Maryland Steve Brower Member
Steve Brower Member Joined: Jun 2006 Posts: 318 Maryland	I'm no PIX expert, but you should be able to configure port translation with the following commands. Here's an example: Internet \| PIX \| Inside network (10.1.0.0) \| Inside Servers 10.1.1.20 - Web Server 10.1.1.21 - SMTP Mail Server First you need named interfaces, which are probably going to look something like this: nameif ethernet0 outside security 0 nameif ethernet1 inside security 100 Then you need IP addresses for the interfaces: ip address outside 200.200.200.1 netmask 255.255.255.0 ip address inside 10.1.1.1 netmask 255.0.0.0 Now setup your forwarding - this means that ports on the external PIX interface are redirected inside. In our example we'll use HTTP, HTTPS, and SMTP as the protocols we're forwarding. static (inside,outside) tcp interface 80 10.1.1.20 80 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 443 10.1.1.20 443 netmask 255.255.255.255 0 0 static (inside,outside) tcp interface 25 10.1.1.21 25 netmask 255.255.255.255 0 0 Then setup an access lists to permit HTTP, HTTPS, and SMTP inside to the external IP address: access-list outside_access_in permit tcp any interface outside eq 80 access-list outside_access_in permit tcp any interface outside eq 443 access-list outside_access_in permit tcp any interface outside eq 25 *Note that you can call the access list whatever you want. I just happen to use "outside_access_in". Then apply the access lsit with the access-group statement: access-group outside_access_in interface outside Sometimes you carpe diem, sometimes your diem gets carped.

Re: port forwarding on a pix router #263848 02/02/08 08:00 PM
Anonymous Unregistered
Anonymous Unregistered	Nice write up, Steve. As ESI uses UDP, you will need to change where it says "tcp" in Steve's write up with "udp". Then simply set the port to 59XXX, as it is assigned on the IVC card.

Hop To

Link Copied to Clipboard

sundance-communications.com/forum Forums VOIP Phones & IP PBX Networking port forwarding on a pix router