Cisco PIX: Allow traffic to an internal host
Permit selected traffic to an internal host.
First, a static mapping must be made for the host. There is another recipe for this configuration.
static (inside,outside) 1.1.1.1 192.168.0.100 netmask 255.255.255.255
then:
To allow traffic, a conduit must be constructed. For example, to allow ICMP (ping) traffic to all hosts from anywhere (bad idea):
conduit permit icmp any any
To allow SSH to a specific host from anywhere:
conduit permit tcp host 1.1.1.1 eq 22 any
or
With ACLs:
access-list 100 permit tcp any host 1.1.1.1 22
access-group 100 in interface outside






Add New Comment
Viewing 3 Comments
Thanks. Your comment is awaiting approval by a moderator.
Do you already have an account? Log in and claim this comment.
Do you already have an account? Log in and claim this comment.
Do you already have an account? Log in and claim this comment.
Do you already have an account? Log in and claim this comment.
Add New Comment