Cisco Pix 515e Config Assistance

Terminé Publié le Jan 30, 2014 Paiement à la livraison
Terminé Paiement à la livraison

I need to configure the Cisco 515e Pix so allow the following into our network:

217.x.x.x UDP 5060 --> 172.x.x.x UDP 5060

217.x.x.x UDP 17000:18000 --> 172.x.x.x UDP 17000:18000

217.x.x.x TCP 44422 --> 172.x.x.x TDP 22

217.x.x.x TCP 44433 --> 172.x.x.x TCP 443

217.x.x.x TCP 44444 --> 172.x.x.x TCP 10000

This is my proposed config

name 217.x.x.x tenant_Ext_Static

name 172.x.x.x tenant_Int_Static

access-list allow_ext_in permit udp any host tenant_Ext_Static range 17000 18000

access-list allow_ext_in permit udp any host tenant_Ext_Static 5060

access-list allow_ext_in permit tcp any host tenant_Ext_Static 44422

access-list allow_ext_in permit tcp any host tenant_Ext_Static 44433

access-list allow_ext_in permit tcp any host tenant_Ext_Static 44444

static (outside,inside) tenant_Int_Static tenant_Ext_Static netmask [url removed, login to view] 0 0

static (inside,outside) tenant_Ext_Static tenant_Int_Static netmask [url removed, login to view] 0 0

static (inside,outside) tcp interface 44422 tenant_Int_Static 22 netmask [url removed, login to view]

static (inside,outside) tcp interface 44433 tenant_Int_Static 443 netmask [url removed, login to view]

static (inside,outside) tcp interface 44444 tenant_Int_Static 10000 netmask [url removed, login to view]

I am pretty happy that the access list is correct, it is the NAT I am unsure of

I have used this to globally create one 2 one NAT

static (outside,inside) tenant_Int_Static tenant_Ext_Static netmask [url removed, login to view] 0 0

static (inside,outside) tenant_Ext_Static tenant_Int_Static netmask [url removed, login to view] 0 0

Can I use the above with the following to achieve the translation

static (inside,outside) tcp interface 44422 tenant_Int_Static 22 netmask [url removed, login to view]

static (inside,outside) tcp interface 44433 tenant_Int_Static 443 netmask [url removed, login to view]

static (inside,outside) tcp interface 44444 tenant_Int_Static 10000 netmask [url removed, login to view]

Do I need to have the reverse NAT also

Craig

Cisco

Nº du projet : #5375505

À propos du projet

3 propositions Projet à distance Actif Jan 30, 2014

Décerné à:

akmal181

I am CCNP and CCSP with over 12+ years of work experience with 1141+ hours of work and 174 jobs done so far on [login to view URL] you deviate Please follow the URL to see my work history on oDesk [login to view URL] Plus

%selectedBids___i_sum_sub_4% %project_currencyDetails_sign_sub_5% USD en 1 jour
(10 Commentaires)
4.1

3 freelances font une offre moyenne de 33 $ pour ce travail

puneesh85c

New freelancer CCIE Security Expert level knowledge on all Cisco products like PIX, ASA, VPN concentrator and routers More than 5 years of experience working CISCO TAC (RTP US) Security team Price no issues, tryi Plus

%bids___i_sum_sub_32% %project_currencyDetails_sign_sub_33% USD en 1 jour
(0 Commentaires)
0.0
jaradhya

As understand you need to route SIP traffic from Inside to Outside. For any Cisco Firewall to work without any issues , we need to ensure three things should be done. 1) Access list 2) Routing 3) NAT'ing (PAT o Plus

%bids___i_sum_sub_32% %project_currencyDetails_sign_sub_33% USD en 1 jour
(0 Commentaires)
0.0