Stumped on this one, wonder if anyone has seen it?
Have a PIX 525 running version 6.1.4 and doing some STATIC translations for a small subnet of 10.50.x.x range on my outside interface inbound for 144.45.184.x (internal IP range). The 10.50.x.x range is also used on my internal network that's why I'm having to NAT the 10.50's to my 144.45 subnet.
I see inbound connections coming from the 10.50 range from my outside interface, but when I do a SHOW XLATE I see no translations of the 10.50's to my 144.45 range. I can't do PAT since these connections require different IP addresses due to the server they are connecting to.
Any ideas / suggestions / comments always appreciated....
Apologies but i made a wrong assumption. The ability to translate source address coming from the outside was introduced on pix v6.2(1). From the 6.2(1) release notes
Bi-Directional Network Address Translation (NAT)
PIX Firewall software version 6.2 allows Network Address Translation (NAT) of external source IP addresses for packets traveling from the outside interface to an the inside interface. All functionality available with traditional NAT such as fixups, Stateful Failover, dynamic NAT, static NAT, and PAT are available bidirectionally in this release
So it looks like your version won't support the commands i gave. Once again, apologies for that. We use 6.3 on our firewalls as well as v7.x.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...