Mapping incoming ports to different NAT addresses on PIX

Unanswered Question
Apr 20th, 2007
User Badges:

Hello all

Can i use the extendable keyword on the pix firewall to map incoming ports to NAT private lan addresses? if yes, what is important to know before to do that. If not, how can i do that ?

Will be good if i will have any example

Thank you !

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Patrick Iseli Sat, 04/21/2007 - 16:09
User Badges:
  • Gold, 750 points or more

This feature is called Port Address Translation or PAT.


All port that are connecting to your outside interface IP address are forwarded, translated, to an induviual inside private IP.


example:


access-list acl_out permit tcp any interface outside eq http

access-list acl_out permit tcp any interface outside eq smtp


access-group acl_out in interface outside


static (inside,outside) tcp interface http 192.168.1.10 http netmask 255.255.255.255 0 0

static (inside,outside) tcp interface smtp 192.168.1.23 smtp netmask 255.255.255.255 0 0


Reference:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html


sincerely

Patrick


Actions

This Discussion