L4 NAT

Unanswered Question
Oct 24th, 2007
User Badges:
  • Silver, 250 points or more

hello

is it possible to make a layer4 natting with PIX 535?

i mean, whem PIX receives a packet from internet, it forwards it to an internal server based on destination TCP port for example :-)

may be i am dreamer but this could save public IP addresses (many public services using only one IP public address)


any comment?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
pjhenriqs Wed, 10/24/2007 - 02:49
User Badges:

I believe the concept you are looking for is PAT?


You can NAT all your internal servers to one public address, as long as they are NATed to different ports.


Is this what you are looking for?


ohassairi Wed, 10/24/2007 - 20:16
User Badges:
  • Silver, 250 points or more

no, i think PAT is used to allow many internal client to access internet using one public IP address.

i need the other way : from internet to internal.

people from internet will see many internal servers (with different services:web, DNS,ftp,smtp...) by one public IP address.

PIX wll then forward IP packet to destination based on TCP port destination

amit.secure1 Wed, 10/24/2007 - 22:05
User Badges:

Yes


You can map many internal servers with single public IP address by using static port translation. port forwarding supported by PIX and ASA also.

ohassairi Wed, 10/24/2007 - 22:36
User Badges:
  • Silver, 250 points or more

is there an example in cisco web site?

thanks

Actions

This Discussion