Here's a question about the mechanics of how the PIX handles ARP (I think!)
Assume, just for example, I had a 'standard' PIX installation. 2 interfaces, inside and outside, on standard security levels. I've a number of external IP addresses I can use for services, but, of course, can only use 1 of these IP addresses on the PIX's outside interface.
I know that the PIX can handle outside->inside statics using either the outside interface (port mapping) or one of my other external IP addresses. So, I could have:
access-list allow_in permit tcp any host xx.xx.xx.1 eq www
access-list allow_in permit tcp any host xx.xx.xx.2 eq https
access-list allow_in permit tcp any host xx.xx.xx.3 eq smtp
access-group allow_in in interface outside
(I haven't included the statics for brevity).
But, as I understand it, TCP-based connections require sender and receiver to know each other's MAC addresses, correct?
So, and this may be a dumb question: as the only device that has a MAC address in my scenario is the outside of my PIX, how do devices track what they are talking to?
As I said, really just a technical question.