Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Question on firewall configuration

figure.jpg       

Hi

The above configuration is the sketch of my network with PIX firewall 515E. 200.2.xx.xx are the public IPs.

It has been configured that if someone through Internet access specific services like http

of 200.2.xx.xx is routed through to local address 192.168.0.240. Anyone can access

the sevice using the domain name or the public address 200.2.xx.xx.  When it is in the LAN,

we can access the website using the domain name but not with the public IP address.

But accessing via local address is successful like http://192.168.0.240. Is there a way to re-route

the traffic to the LAN address if someone inside the LAN access the service using the public address?

Please help me.

Actually, I need to configure a server that will only use IP address. But both inside and outside users

should be allowed to access the service using the public IP address. So far, users have to use

public IP when they are at home and private IP when they are in the LAN. Thank you.

Everyone's tags (1)
3 REPLIES
New Member

Question on firewall configuration

Hello Refg,

Configuration is do-able, but you will need software version 7.2(1) at least, I recommend 7.2(4) latest interim.

What is the firmware version running on your PIX appliance?

Ahmad

New Member

Question on firewall configuration

Thanks, Ahmad.

I do not have 7.2 right now and I am not authorised to do the upgrade. There is no walkaround for this?

New Member

Re: Question on firewall configuration

Hello Refg,

Unfortnately no, since commands needed were introduced in that version.

One of the commands used is same-security-traffic permit intra-interface applies to non-encrypted traffic after 7.2(1).

Ahmad

319
Views
0
Helpful
3
Replies
CreatePlease login to create content