×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.
gfullage Tue, 03/18/2003 - 15:16
User Badges:
  • Cisco Employee,

how to what?


If you mean you only have one IP address, then for outbound traffic do:


> nat (inside) 1 x.x.x.x

> global (outside) 1 interface


If you have any internal servers that require connections from the outside, then you'll have to port-map them with a static thus (example using port 25):


> static (inside,outside) tcp interface 25 y.y.y.y 25 netmask 255.255.255.255


where y.y.y.y is your internal SMTP server address.

nsteup Fri, 03/21/2003 - 02:07
User Badges:

Hi Glenn,


there is one problem in configuring that. You need to define an access-rule outside incoming like following:


access-list outside_in permit tcp any host "outside ip" eq 25


now if your pix receives an ip address via pppoe or dhcp from your provider, how will you change your "outside ip" dynamically?


So your config is correct and works fine if you have one ip address AND if it is static defined by your provider.


Regards Norbert

Actions

This Discussion