topology looks like this:
inside -- pix -- outside
Pix version is 6.3.(?)
For example I disable translation on dmz interface: nat 0....
Does it work if i use static command to make a translation rule between ip addresses in dmz and outside?
Can i use private ip addresses for the edge servers in dmz somehow and then translate them to public using static command ?
Does it help much if public ip addresses will be in use in dmz segment?
Could anyone suggest which exactly command i have to run?
If you are collocating edge server roles on a computer, each should have a separate IP address. If you do not use a separate IP address for each, you must use separate ports for each collocated edge server role. For collocated edge server roles, we recommend having the IP addresses equal the number of server roles plus one, which provides a separate external IP address for each server role and a shared internal IP address.
To conform to the requirement of a publicly routable IP address of the A/V Edge Server, the external firewall of the perimeter network must not act as a NAT (Network Address Translator) for this IP address.
Additionally, the internal firewall must not act as a NAT for the internal IP address of the A/V Edge Server. The internal IP address of the A/V Edge Server must be fully routable from the internal network to the internal IP address of the A/V Edge Server.
Thank in advance,