acl from host-inside to host-dmz

[spillo3000]

how can i apply an acl entry to permit traffic from host A to host B in another subnet through my pix firewall version 6.1(4).i think access-list inside-in permit tcp host A.B.C.D host A.B.E.F 0.0.0.0 eq 139, but it doesn't function. i must remove host.....?

 

[ChrisAC]

You also need to apply the access-list to the interface.

access-group inside-in in interface inside

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************

 

[spillo3000]

no, what command can i use to pass traffic between host a e b, ....access-list inside-in permit tcp host A.B.C.D host A.B.E.F 0.0.0.0 eq 139,from host to host.

 

[ChrisAC]

You need to create an access list to allow traffic from one host to another (or one network to another);

access-list spongebob permit tcp host_A host_B eq <port>

and then apply it to the interface.

access-group spongebob in interface inside

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************

 

[spillo3000]

ERROR: Global address,mask <a.b.c.51,a.b.d.3> doesn't pair,
this is the error when i write the command

access-list inside-in permit tcp a.b.c.51 a.b.d.3 eq 139
...

 

[spillo3000]

i understand host a.a.a.a. host v.v.v.v. thank you very much...