Correct me if i'm wrong: # set service nat rule 5 # set service nat rule 5 source address 10.10.10.126 # set service nat rule 5 outside-address address 70.165.x.x # set service nat rule 5 outbound-interface eth0 # commit # set service nat rule 10 # set service nat rule 10 inside-address address 10.10.10.126 # set service nat rule 10 outside-address address 70.165.x.x # set service nat rule 10 inbound-interface eth0 # commit
# set firewall name nat-in rule 1 action drop # set firewall name nat-in rule 1 source address 65.248.x.x # set firewall name nat-in rule 1 protocol udp # set firewall name nat-in rule 1 destination address 70.165.x.x # set firewall name nat-in rule 1 destination port-range start 5059 # set firewall name nat-in rule 1 destination port-range stop 5062 # commit # set firewall name nat-in rule 2 action drop # set firewall name nat-in rule 2 source address 65.248.x.x # set firewall name nat-in rule 2 protocol udp # set firewall name nat-in rule 2 destination address 70.165.x.x # set firewall name nat-in rule 2 destination port-range start 10000 # set firewall name nat-in rule 2 destination port-range stop 51000 # commit # set interface ethernet eth0 firewall in name nat-in # commit - Dave On Feb 20, 2008 1:43 AM, Dave Greeko <[EMAIL PROTECTED]> wrote: > > Hi, > I'm trying to get rid of my cisco PIX firewall. I need to translate the > next 3 lines into Vyatta. > > static (inside,outside) 70.165.x.x 10.10.10.126 netmask 255.255.255.255 1024 > 768 > access-list acl_outside permit udp host 65.248.x.x host 70.165.x.x range > 5059 5062 > access-list acl_outside permit udp host 65.248.x.x host 70.165.x.x range > 10000 51000 > > What I need to do is allow ONLY host 65.248.x.x to access my LAN (host > 10.10.10.126) with range of udp ports. > As you may see the internal host is mapped to 70.165.x.x > > Your help is greatly appreciated > Dave, > > ________________________________ > Never miss a thing. Make Yahoo your homepage. > _______________________________________________ > Vyatta-users mailing list > Vyatta-users@mailman.vyatta.com > http://mailman.vyatta.com/mailman/listinfo/vyatta-users > > _______________________________________________ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
