I am configuring a PIX 501 for a small office situation, and have a server internally that is providing web-based services on two separate ports. What I want to do is map a public IP for each internal service on the same server.
The server is providing web services on ports 80 and 86, and I have configured the static nat as follows:
static (inside,outside) tcp 22.214.171.124 www 192.168.0.2 www netmask 255.255.255.255 0 0
static (inside,outside) tcp 126.96.36.199 www 192.168.0.2 86 netmask 255.255.255.255 0 0
I also have my ACLs configured to allow traffic on port 80 to those two external IPs. When I look at the log, I see an error about "Deny inbound (no xlate)" for the second entry.
I'm sure that I'm just missing something simple, but for the life of me can't see it. Any help would be appreciated!
static (inside,outside) tcp a.b.c.x www 192.168.41.10 www netmask 255.255.255.255 0 0
static (inside,outside) tcp a.b.c.y www 192.168.41.10 8501 netmask 255.255.255.255 0 0
302013: Built inbound TCP connection 590854 for outside:/57930 (/57930) to inside:192.168.41.10/8501 (a.b.c.y/80)