Static Nat - Two Global address's one local

Unanswered Question
Mar 1st, 2004
User Badges:

Hello


I have a Pix 525, Is it possible to have two different Gobal address's statically nating to one local address? i.e:


static (inside,outside) 192.168.0.1 10.1.1.1 netmask 255.255.255.255

static (inside,outside) 192.168.0.2 10.1.1.1 netmask 255.255.255.255


Thanks in advance for your help




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
steven.wilson Mon, 03/01/2004 - 09:17
User Badges:

For some unknown reason the PIX will accept the two lines of programming even thi=ough they are wrong.

If you, for example, wish e-mail to be on 192.168.0.1 and http on 192.168.0.2 both to point at the same inside IP address of 10.1.1.1 you will need to write the lines as specific port NAT statements and also write the access-list on the outside interface to allow the specific services through to the address.

The other way to do it is to give the inside server more than one address on the network card and statically NAT the two outside addresses to the two inside addresses


Cheers

Steve

wayne.mabis Mon, 03/01/2004 - 10:24
User Badges:

if this is the situation then it is possible to map two global ips to a single private ip, but it is possible only in

6.3.3 code. If you want to implement this situation then we may have to go with the upgradation of firewall OS depending on what code you are on?

Actions

This Discussion