Pix 501 port forwarding



  • Das
    Member
    #165855

    Hi everyone

    First of all I have to say I know practically nothing about Cisco firewalls, but I need to temporarily configure an old Pix 501, port forwarding tcp 32976 (I need to test the Neorouter software).
    This Pix already has a port forward set for tcp 3389 to use remote desktop, so I have to be careful not to stop this service.

    I'm pasting a few lines to show how the Pix is currently configured:

    access-list (fromout) permit icmp any any
    access-list (fromout) permit tcp any any eq 3389
    access-list (inout) permit icmp any any
    access-list (inout) permit ip 192.168.0.0 255.255.255.0 any
    access-list 102 permit ip 192.168.0.0 255.255.255.0 192.168.101.0 255.255.255.0

    static (inside,outside) tcp 10.77.2.76 3389 192.168.0.1 3389 netmask 255.255.255.255 0 0

    access-group (fromout) in interface outside
    access-group (inout) in interface inside

    To open port 32976 I’ve added the following lines:

    static (inside,outside) tcp 10.77.2.76 32976 192.168.0.1 32976 netmask 255.255.255.255 0 0
    access-list (fromout) permit tcp any any eq 32976

    I didn’t add an access-group line because the (fromout) group is already active, and I did not give the command “write mem” because I believe that I can test the Pix anyway and then, after restarting the Pix, it returns to the normal function before the changes.

    To test if the port is correctly opened I go here: http://www.neorouter.com/checkport.php? and I see that port 32976 doesn’t pass the test, but even port 3389, which was passing the test before, doesn’t pass this test either.

    Could you tell me where I’m wrong and how to open port 32976 correctly?

    Thanks to all

    Dario
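
A consistency check over the configuration lines quoted in the post, added here as an example and not part of the original post: for each `static` port forward it looks for a matching `permit` in the access-list bound inbound to the mapped interface, and notes when that permit is any-to-any (the forwarded service is then reachable from every source address). The names `audit` and `split_addrs` are hypothetical, and `CONFIG` is a constructed sample assembled from the post's lines; the check does not diagnose why the external port test fails.

```python
import re

# Constructed sample: the lines quoted in the post plus the two lines the poster added.
CONFIG = """\
access-list (fromout) permit icmp any any
access-list (fromout) permit tcp any any eq 3389
access-list (fromout) permit tcp any any eq 32976
access-list (inout) permit ip 192.168.0.0 255.255.255.0 any
static (inside,outside) tcp 10.77.2.76 3389 192.168.0.1 3389 netmask 255.255.255.255 0 0
static (inside,outside) tcp 10.77.2.76 32976 192.168.0.1 32976 netmask 255.255.255.255 0 0
access-group (fromout) in interface outside
access-group (inout) in interface inside
"""

STATIC = re.compile(r"^static \((\S+),(\S+)\) (tcp|udp) (\S+) (\d+) (\S+) (\d+)")
GROUP = re.compile(r"^access-group (\S+) in interface (\S+)")
ACL = re.compile(r"^access-list (\S+) permit (tcp|udp) (.+) eq (\d+)$")

def split_addrs(spec):
    """Split 'SRC DST' where each side is 'any', 'host A' or 'A MASK'."""
    toks, out = spec.split(), []
    while toks:
        n = 1 if toks[0] == "any" else 2
        out.append(" ".join(toks[:n]))
        toks = toks[n:]
    return out

def audit(config):
    """Return one finding per static port forward found in the config text."""
    lines = [l.strip() for l in config.splitlines()]
    # interface name -> access-list applied inbound on it
    bound = {m.group(2): m.group(1) for l in lines if (m := GROUP.match(l))}
    acls = [m.groups() for l in lines if (m := ACL.match(l))]
    findings = []
    for l in lines:
        m = STATIC.match(l)
        if not m:
            continue
        _, mapped_if, proto, gaddr, gport, laddr, lport = m.groups()
        acl_name = bound.get(mapped_if)
        hits = [a for a in acls if a[0] == acl_name and a[1] == proto and a[3] == gport]
        wide = any(split_addrs(a[2]) == ["any", "any"] for a in hits)
        findings.append({"global": f"{gaddr}:{gport}", "local": f"{laddr}:{lport}",
                         "acl": acl_name, "permitted": bool(hits), "any_to_any": wide})
    return findings

if __name__ == "__main__":
    for finding in audit(CONFIG):
        print(finding)
```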
