07-17-2008 09:30 AM - edited 03-11-2019 06:16 AM
Hi,
I want to configure my pix firewall 7.x in a way
but when 172.28.72.0 subnet access sthat when subnet 172.28.92.0 access the 172.28.35.28 server located in DMZ they access it as it is.ame server in dmz 172.28.35.28 they access it via ip 172.28.98.28.
means i want to do static translation of 172.28.35.28 into 172.28.98.28 only for the subnet 172.28.92.0.
rest all networks access it with original IP 172.28.35.28 from outside network.
Please tell me how to do the policy nat/static.
I will be very greatful to u.
07-17-2008 10:42 AM
What I can understand from your posting is :
Outside subnet - 172.28.92.0/24
DMZ server ip - 172.28.25.28
when 172.28.92.0/24 access 172.28.35.28 it should be redirected to 172.28.98.28
access-list PNAT-ACL permit ip 172.28.92.0 255.255.255.0 host 172.28.35.28
static(DMZ,Outside) 172.28.98.28 access-list PNAT-ACL
Hope this helps.
07-17-2008 01:31 PM
thanks for the reply,
i want 172.28.35.28 server to be access by 172.28.31.0 subnet as 172.28.98.28.
and for 172.28.92.0 subnet it is available on the original IP.
Both user subnet are located inside interface of firewall. and Server is located in dmz.
Right now this server is available for everyone on 172.28.98.28
static(inside,edn) 172.28.98.28 172.28.35.28 netmask 255.255.255.255
But now few applications in 172.28.31.0 subnet are having problem they want to access this server on real IP.
that is the reason i want to translate this server only for 172.28.31.0 and also be available as original Ip for 172.28.92.0 subnet.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide