Redirecting all connections on interface

dan_track · ‎09-06-2007

Hi

In ver 6.2 of the pix os, how can I take all traffic on teh inside interface destined for port 25 and redirect it to say ip x.x.x.x?

Would it be something like

static (inside,outside) x.x.x.x 25 interface 25 netmask (not sure what to put here)

Any help would be appreciated.

Thanks

Dan

whisperwind · ‎09-06-2007

Do it as follows:

static (inside,outside) tcp x.x.x.x 25 192.168.0.222 25 netmask 255.255.255.255 0 0

access-list OUTtoIN permit tcp any host x.x.x.x eq www

access-group OUTtoIN in interface outside

dan_track · ‎09-06-2007

Hi,

Sorry I'm confused by the example.

I don't want a particular internal ip to be redirected I need all of them. Currently I'm using the 10.0.0.0 for all internal hosts.

Any further help would be appreciated.

Thanks

Dan

acomiskey · ‎09-06-2007

I'm not quite sure about what you want but I think you want all smtp requests initiating from the inside to the inside interface of the pix to be redirected to x.x.x.x port 25?

If so, it would be like this and is called destination nat...

static (outside,inside) tcp interface 25 x.x.x.x 25 netmask 255.255.255.255

whisperwind · ‎09-06-2007

Dan then I need you to clarify a bit what it is you are wanting as your initial example shows a single IP address and now I get the impression you want more. Which confused me as most people only have a one or two mail servers, which would only have a single public and private ip per server.