I have a need for our internet router to send syslog to a server on the inside interface of a PIX firewall. The internet router connects to the outside interface of the PIX. The interface on the router that faces the PIX has an ip of 18.104.22.168 and the outside interface of the PIX is 22.214.171.124. The host address of the inside syslog server is 10.1.1.100, which is off the inside interface on the PIX.
currently the PIX is configured with a NAT (1) 0.0.0.0 0.0.0.0 with a global statement that uses the "interface" (outside address of PIX, or 126.96.36.199). The syslog server 10.1.1.100 has a need for internet connectivity for things like web updates, etc. I'd like to keep it so that it uses the existing NAT when connecting to the Internet. However, I need a way for the internet router to send its syslog through to the inside server. I figure I could do a static, but that would end up translating all traffic from my syslog host, and I was hoping to just translate it when the router initiated to it and had syslog data to send. Obviously the router does not know about the 10.1.1.x network, so I need a way to get it back into the inside network, without affecting any internet traffic that is initiated from the syslog server. How can I best accomplisth this?