Can someone confirm the use of the static Command for me?

When using the below command, you only need to specify the access-list. Note
there is already an ip address for the internal and external interface of
the firewall.
static (inside,outside) 142.165.55.55 192.168.133.5 netmask 255.255.255.255
access-list 101 permit tcp any host 142.165.55.55 eq www


When using this command (port address translation) you need to specify a
global command and a nat command and an access-list to make it work.
static (inside,outside) tcp 142.165.55.55 www 192.168.133.253 www netmask
255.255.255.255 0 0

is this correct??

Kevin

Report this post to a moderator

"Kevin" <cst112(no spam please )@yahoo.com> wrote in message
news:uuvm6723gh2k5c@corp.supernews.com...
> Can someone confirm the use of the static Command for me?
>
> When using the below command, you only need to specify the access-list.
Note
> there is already an ip address for the internal and external interface of
> the firewall.
> static (inside,outside) 142.165.55.55 192.168.133.5 netmask
255.255.255.255
> access-list 101 permit tcp any host 142.165.55.55 eq www

These 2 commands are correct. The first creates a static mapping from
internal to external. The second allows any outside address to access port
80 of the nat'ed internal box.

>
>
> When using this command (port address translation) you need to specify a
> global command and a nat command and an access-list to make it work.
> static (inside,outside) tcp 142.165.55.55 www 192.168.133.253 www netmask
> 255.255.255.255 0 0
>
> is this correct??

I have no idea what this is supposed to be. I know that the PIX will not
take it. It looks like you are trying to combine the static and access-list
in one command.


John Holmes

Report this post to a moderator