cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
301
Views
5
Helpful
1
Replies

NAT public IP to IP inside DMZ

estadlercisco
Level 1
Level 1

I am trying to NAT an outside IP address to an address in the DMZ and allow only port 80 to that ip address in the dmz.

I'm not that familiar with DMZ configuration, what would the configuration for that look like?

1 Reply 1

acomiskey
Level 10
Level 10

pix ip address outside = 1.1.1.1

pix ip address dmz = 192.168.200.1

webserver = 192.168.200.10

webserver outside ip = 1.1.1.2

static (dmz,outside) 1.1.1.2 192.168.200.10 netmask 255.255.255.255

access-list outside permit tcp any host 1.1.1.2 eq 80

access-group outside in interface outside

or if you're using 1.1.1.1 to access webserver you could have this...

static (dmz,outside) interface 192.168.200.10 netmask 255.255.255.255

or port translate like this...

static (dmz,outside) tcp interface 80 192.168.200.10 80 netmask 255.255.255.255

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: