Need help with pix501 1

[turalo]

I need help configuring incoming connections on my pix501 firewall,
the firewall is now set as defoult, I can use the internet.
outside interface is static :
IP: 192.168.1.17
msk: 255.255.255.0
gate: 192.168.1.254

inside is dhcp enabled :
IP : 192.168.0.1
msk: 255.255.255.0
gate: 192.168.0.1

Now normal outbound internet traffic works well, what I want to do is to make possible for some service like for example VNC (port 5900) to be able to get in, so IF I want to login to a pc behind pix501 from another location with vnc.
I have a pc connected on this firewall with IP : 192.168.0.2
please can sombody help me set this.
I'm stock alredy 2 days, cant understand how does it works.
I have also PDM interface available and also connection on console.
please help.

 

[boymarty24]

Yes you are right =)

I was a little fast there

 

[turalo]

Well, I'm so thankfull to you all guys, now I almost compleetly understand whats this about, I played with it few hours, and now I can permit or block anything, its actualy very easy when understood righ, I got my pdm back too, right now I'm planning to configure it for real use, first I'm going to test it few days, and get used to doe things in shell, I mean to learn the way of giving the right command, inside , outside etc... I'm realy thankfull for your help.
Thanks for now.

 

[turalo]

Ok, need help again, this time I need the router to use not one but many outside IP's, so I have a range of IP's given to me by InternetProvider, that are dedicated IP's lets say:

IP : 212.23.xx.123 to 212.23.xx.132
mask: 255.255.255.248


This router has as you know 4 lan ports, 1 wan port,
I need to connect 4 computers to the internet via this router, and each of this computer must have old IP settings, so for example
my PC1 has IP : 212.23.xx.123
my PC2 has IP : 212.23.xx.124

Now I want them to be behind Pixfirewall but I want them
to keep the IP's, so not to change it to local IP's, but keep same IP's and secure them using Pix, so Please can sombody tell me how to set this in PixFirewall?
Right now I can configure pix using one outside IP and many inside IP's but local ip's like ; 192.168.1.1
I need to know how to do same but keep original IP's.
thanks.

 

[Supergrrover]

What you need is to apply statics for all four of the PCs.

static (inside,outside) 212.23.xx.123 192.168.1.X netmask 255.255.255.255
static (inside,outside) 212.23.xx.124 192.168.1.X netmask 255.255.255.255
static (inside,outside) 212.23.xx.125 192.168.1.X netmask 255.255.255.255
static (inside,outside) 212.23.xx.126 192.168.1.X netmask 255.255.255.255

This will provide a one to one mapping of the IPs and still provide protection to the boxes. Anythying you want to allow you will need to do through the outside ACL as before.


Brent
Systems Engineer / Consultant
CCNP, CCSP

 

[Supergrrover]

For that you want transparent mode. I don't think the 6x code does it (never tried.) But I know the 7x code will. You will have to upgrade to an ASA5505 or better.


Brent
Systems Engineer / Consultant
CCNP, CCSP