Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
425
Views
0
Helpful
3
Replies

Pix 6.x w/ one IP howto?

jonathan.green
Level 1
Level 1

‎03-18-2003 09:22 AM - edited ‎02-20-2020 10:37 PM

Hello there;

This should be an easy one - could someone please point me in the right direction? I've seen this config before, but don't remember where.

Thank you,

Jonathan

0 Helpful
3 Replies 3

gfullage
Cisco Employee
Cisco Employee

‎03-18-2003 03:16 PM

how to what?

If you mean you only have one IP address, then for outbound traffic do:

> nat (inside) 1 x.x.x.x

> global (outside) 1 interface

If you have any internal servers that require connections from the outside, then you'll have to port-map them with a static thus (example using port 25):

> static (inside,outside) tcp interface 25 y.y.y.y 25 netmask 255.255.255.255

where y.y.y.y is your internal SMTP server address.

0 Helpful

jonathan.green
Level 1
Level 1
In response to gfullage

‎03-19-2003 01:54 PM

appreciate the input. that sounds familiar, thank you.

-jonathan

0 Helpful

nsteup
Level 1
Level 1
In response to gfullage

‎03-21-2003 02:07 AM

Hi Glenn,

there is one problem in configuring that. You need to define an access-rule outside incoming like following:

access-list outside_in permit tcp any host "outside ip" eq 25

now if your pix receives an ip address via pppoe or dhcp from your provider, how will you change your "outside ip" dynamically?

So your config is correct and works fine if you have one ip address AND if it is static defined by your provider.

Regards Norbert

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card