How do I make a Cisco Pix forward to a specific port?

Question

on a pix how do I make port traffic, port 25 for email in this case, usable by a specific ip address in my spread of IPs?

I want to send email to someemail@192.168.0.1 and have the pix send it to port 25 on that IP if it is email and discard it if it is anything else.

Thank you.

score 2 · Accepted Answer · answered Feb 03 '10 at 08:04

2

what PIX version?

The feature you want to use is Port Redirection. The basic syntax should be:

static (INTERFACE1,INTERFACE2) PROTOCOL IPADDRESS2 PORT2 IPADDRESS1 PORT1 netmask NETMASK

so for example:

static (INTERFACE1,INTERFACE2) tcp yourexternalip smtp 192.168.0.1 smtp netmask 255.255.255.255

And on your ACL you will need something like this:

access-list outside-inbound permit tcp any host yourexternalip eq smtp

(Disclaimer: I haven't touched Cisco for a while, but I'm 100% someone who has will be along shortly to confirm or correct!)

answered Feb 03 '10 at 08:04

Chris Thorpe

Yep the only comment is you are going to want and extended ACL - so access-list extended permit tcp any host eq smtp – Zypher Feb 03 '10 at 08:20
what do I put on my external ip? – johnny Feb 03 '10 at 20:17

1 Answers1