Ok, so I posted before about the basic syntax. I'm trying to get the basic principle of what to do:
I have two WAN statics. One I've assigned to the outside interface of the firewall. The other I assume I don't actually assign to the LAN server, but instead I forward traffic en-route to this second WAN address *to* the LAN server? Is this correct?
So I assigned the outside interface of the PIX the first WAN address (I'll refer to it as 18.104.22.168)
My LAN server is 10.1.1.5.
So: Would a static entry look like this?
static (inside,outside) tcp 22.214.171.124 pop3 10.1.1.5 pop3 netmask 255.255.255.255 0 0
And would my access list look like this?
access-list if_outside permit tcp any host 126.96.36.199 eq pop3
Then I would apply it like this?
access-group if_outside in interface outside
If someone could please point me in the right direction or correct any misconceptions I have about the syntax.
Also, could someone elaborate on that "access-group" syntax?
access-group <pre-defined ACL> ?in? interface ?outside?
How should I think of the "in" and the "outside" ?
Thanks for any help