Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

How to NAT into 2 different public IP's on PIX?

I know this is possible, but I just can't figure out what the config would look like. The goal is to be able have a server farm inside a firewall answer requests that are destined to 2 different IP blocks during a migration period.

The internal server farm would be statically configured with New-ISP-Net ip's, so the pix would just translate requests destined to these ip's directly to the servers (if traffic is allowed via an acl of course).

This can be done with either a NAT 0 or static (inside,outside) x.x.x.x x.x.x.x.

The part I am trying to figure out is that we want to also allow those same servers answer request that come in for OLD-ISP-Net ip's. What is the best way to have the pix handle this dual/policy NAT situation?

  • Firewalling
1 REPLY
New Member

Re: How to NAT into 2 different public IP's on PIX?

As long as the communication is initiated from outside and is stateful (ie TCP), you can add another inside IP address to the NIC of the server, then you would have 2 NAT translations on the PIX to the different internal IP addresses:

Server1: 192.168.1.1 & 192.168.1.2

static (inside,outside) 192.168.1.1 netmask 255.255.255.255

static (inside,outside) 192.168.1.2 netmask 255.255.255.255

125
Views
0
Helpful
1
Replies