Cisco 501 PIX port forwarding (outside DHCP)
on 24.09.2006 08:03:47 by Jaytee
Hello,
I am trying to switch from a Cyberguard 570 to a Cisco 501 PIX. The
PIX I have read about creating a forwarding rule but they all centered
around a static external IP. IE something like this:
static (inside,outside) tcp
netmask 0 0
however how would I create this rule with a DHCP assigned external IP
address?
Also the access-list would need to be created as well from what I
understand...would that be something like this?
access-list
or in my case specifically
access-list torrents permit tcp
7684 192.168.1.100 7684
I guess overall my question is how to identify a DHCP assigned external
interface IP address in these rules.
Re: Cisco 501 PIX port forwarding (outside DHCP)
on 24.09.2006 11:01:29 by roberson
In article <1159077827.616021.206160@b28g2000cwb.googlegroups.com>,
Jaytee wrote:
>I am trying to switch from a Cyberguard 570 to a Cisco 501 PIX.
I recommend comp.dcom.sys.cisco for PIX questions.
>PIX I have read about creating a forwarding rule but they all centered
>around a static external IP. IE something like this:
>static (inside,outside) tcp
> netmask 0 0
>however how would I create this rule with a DHCP assigned external IP
>address?
static (inside,outside) tcp interface OUTSIDEPORT INSIDEADDRESS INSIDEPORT netmask 255.255.255.255 0 0
>Also the access-list would need to be created as well from what I
>understand...would that be something like this?
>access-list
>
>or in my case specifically
>access-list torrents permit tcp
>7684 192.168.1.100 7684
For outside access to inside,
access-list torrents permit tcp any interface outside eq 7684
access-group torrents in interface outside
>I guess overall my question is how to identify a DHCP assigned external
>interface IP address in these rules.
You cannot explicitly do so, but you can use the keyword
'interface' in 'static' and the keyword 'interface outside' in ACLs.
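
An added example, not part of the original posts: a Python check that each port forward written with the `interface` keyword, as in the reply above, is matched by a permit in an ACL bound to the outside interface, and that no permit is left without a forward. The sample configuration is constructed from the port and inside host in the question plus one deliberately stale permit; the function name and the numeric-only port handling are assumptions.

```python
import re

# Constructed sample: the reply's three commands filled in with the port and
# inside host from the question, plus one stale permit with no matching static.
SAMPLE_CONFIG = """\
static (inside,outside) tcp interface 7684 192.168.1.100 7684 netmask 255.255.255.255 0 0
access-list torrents permit tcp any interface outside eq 7684
access-list torrents permit tcp any interface outside eq 8080
access-group torrents in interface outside
"""

STATIC_RE = re.compile(
    r"^static \(inside,outside\) (tcp|udp) interface (\d+) (\S+) (\d+)\b")
ACL_RE = re.compile(
    r"^access-list (\S+) permit (tcp|udp) any interface outside eq (\d+)\b")
GROUP_RE = re.compile(r"^access-group (\S+) in interface outside\b")


def audit(config):
    """Cross-check interface-based port forwards against the outside ACL.

    Numeric ports only (an assumption of this sketch; named ports are skipped).
    """
    statics, permits, bound = {}, {}, set()
    for line in config.splitlines():
        line = line.strip()
        if m := STATIC_RE.match(line):
            # (protocol, outside port) -> (inside host, inside port)
            statics[(m[1], int(m[2]))] = (m[3], int(m[4]))
        elif m := ACL_RE.match(line):
            # (protocol, port) -> names of ACLs that permit it
            permits.setdefault((m[2], int(m[3])), set()).add(m[1])
        elif m := GROUP_RE.match(line):
            bound.add(m[1])
    findings = []
    for key, (host, port) in sorted(statics.items()):
        # A forward only passes traffic if a bound ACL permits its port.
        if not permits.get(key, set()) & bound:
            findings.append(f"{key[0]}/{key[1]} -> {host}:{port}: "
                            "no permit in an ACL bound to outside")
    for key, acls in sorted(permits.items()):
        # A permit with no forward is a stale rule worth removing.
        if key not in statics:
            findings.append(f"{key[0]}/{key[1]}: permit in {sorted(acls)} has no static")
    return findings
```
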