Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Pix 515 E routing

I have pix 515E that a proxy server hits to go out to the internet.  The issue Pix I have it set up that anything on the

192.168.5.0/24 subnet gets NATTed to the public IP of 38.125.160.200 and all works find and all.  The proxy server's

IP address is 192.168.5.8.  The issue that I found out was that on the inboud side found out that there is a static

NAT

static (inside,outside) 64.77.50.24 192.168.5.8 dns netmask 255.255.255.255

which causes our back ups to not work cause the third party is expecting a 38.125.160.200 but instead they see

this 64.77.50.24.  The simple solution is to get ride of that static but I was told that will screw up in bound connections

going to the Proxy server.  Is there any way that I can say anything

coming from the 192.168.5.8 address going outbond will be natted to the public IP of 38.125.160.200

and the inbound will remain as is:

static (inside,outside) 64.77.50.24 192.168.5.8 dns netmask 255.255.255.255

Thank you in advance for your help!!!

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Pix 515 E routing

Yes. you can accomplish this but not with what you have already configured.

If you change this 1-1 static for inbound for specific tcp or udp ports

static (inside,outside) tcp 64.77.50.24 8080 192.168.5.8 8080 netmask 255.255.255.255

then you can add

nat (inside) 100 192.168.5.8 255.255.255.255

global (outside) 100 38.125.160.200

This will make the host 192.168.5.8 look like 38.125.160.200 for outbound and for inbound 64.77.50.24 will work.

-KS

2 REPLIES
Cisco Employee

Re: Pix 515 E routing

Yes. you can accomplish this but not with what you have already configured.

If you change this 1-1 static for inbound for specific tcp or udp ports

static (inside,outside) tcp 64.77.50.24 8080 192.168.5.8 8080 netmask 255.255.255.255

then you can add

nat (inside) 100 192.168.5.8 255.255.255.255

global (outside) 100 38.125.160.200

This will make the host 192.168.5.8 look like 38.125.160.200 for outbound and for inbound 64.77.50.24 will work.

-KS

New Member

Re: Pix 515 E routing

Thanks for the info!!!! will give that a shot

316
Views
0
Helpful
2
Replies
CreatePlease to create content