Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

is this NAT config possible o a PIX515e?

i have been asked if it's possible to have inside users (172.16.1.1) who have a dns entry pointing them to our outside interface (1.2.3.4) for our web site company.net to be rerouted to our dmz which is 10.10.5.0 with out going out of the PIX and back in b/c you cant ping from our inside int to our outside int.

i attached a simple diagram b/c it's hard to explain.

let me know if you need more info.

thanks alot - jerry.

1 ACCEPTED SOLUTION

Accepted Solutions

Re: is this NAT config possible o a PIX515e?

5 REPLIES

Re: is this NAT config possible o a PIX515e?

Community Member

Re: is this NAT config possible o a PIX515e?

that worked but now i cant ping the internal ip - 10.10.5.6. i can rdp into it though but my monitor software says it's down b/c of the ping.

so i added this alias (inside) 1.2.3.4 10.10.5.6 255.255.255.255

any ideas on the ping?

thanks a ton - jerry

Cisco Employee

Re: is this NAT config possible o a PIX515e?

Jerry add this :-

nat (inside) 1 0 0

global (dmz) 1 interface

static (dmz,inside) 1.2.3.4 10.10.5.0

see if this helps !

Community Member

Re: is this NAT config possible o a PIX515e?

havent tried this one yet.

Cisco Employee

Re: is this NAT config possible o a PIX515e?

its not possible to access the server from its private ip address in case you have "DNAT" configured.i.e either you can access it via private ip address or public ip address

118
Views
0
Helpful
5
Replies
CreatePlease to create content