I seem to remember seeing that 6.x had support for port redirecting, have you looked for this/at this?
--- "Noonan, Wesley" <[EMAIL PROTECTED]> wrote: > As soon as I add a static mapping (for whatever > reason), the PIX stops > passing all outbound traffic except that traffic > from the IP address in the > static mapping. I think this is because it can't do > PAT and a STATIC mapping > to the same IP address. I would need >1 IP address > to pull it off > successfully. > > I will try the strict option. I had it earlier, and > it didn't help the > situation any so I removed it. > > I have also opened a TAC case on it, and it looks > like there is going to be > a problem with doing this and using PAT (if I use > NAT, it works great...). > > I was hoping to avoid having to move to business > class/static IP's (about > twice as much as my existing net access...) > > Thanks. > > Wes Noonan, MCSE/MCT/CCNA/CCDA/NNCSS > Senior QA Rep. > BMC Software, Inc. > (713) 918-2412 > [EMAIL PROTECTED] > http://www.bmc.com > > > -----Original Message----- > From: Glenn Shiffer [mailto:[EMAIL PROTECTED]] > Sent: Friday, February 01, 2002 17:34 > To: 'Noonan, Wesley'; [EMAIL PROTECTED] > Subject: RE: PIX 501, PAT and PASV... > > As far as I recall Cisco port aliases assign ftp= > tcp 21 and ftp-data= > tcp 20. Ftp-data being used to enable FTP/HTTP > server connections to > function properly. > > Try adding a static mapping port 21 ie. ftp. > > You may also want to change your ftp fixup to: > > fixup protocol ftp strict 21 > > This prevents web browsers for sending embedded > commands in ftp > requests. > > Glenn > > > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls __________________________________________________ Do You Yahoo!? Great stuff seeking new owners in Yahoo! Auctions! http://auctions.yahoo.com _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
