I have following issue:
I have a Cisco PIX 515E, and people where I rent my office from they provided me with a what looks like either a hub or switch where they told me to plug in too, they gave me few public IPs that I can use, but here is the thing... one of these IPs I assigned on outside interface, made NAT working, routing all and all, yet I need to have other IPs pointed to me so I can do static routes to my other server/devices, yet if i dont assign them to myself, they are "nowhere"... is there a way for me to assign all of my ips somehow on outside interface? i.e. to assign more then one IP on outside interface?
As long as the other addresses are routed to the outside interface of your pix you do not need to assign them to a physical interface eg.
your outside interface on pix is 220.127.116.11
you also have 18.104.22.168 - 6 to use as public IP addresses.
you want to present an internal server of 192.168.5.10 as 22.214.171.124 to users on the outside so they can access web services
static (inside,outside) 126.96.36.199 192.168.5.10 netmask 255.255.255.255
access-list outside_access_in permit tcp any host 188.8.131.52 eq 80
access-group outside_access_in in interface outside
well, thats the problem... nothing is routed to me, its sort of if i assign it to myself i have it if i dont assign it i dont have it...
"they gave me few public IPs that I can use"
Can you confirm that the public IP's in your above statement are real IP addresses assigned to you ?
If so are you saying you need more addresses or you just want to use the ones you have been assigned. The IP addresses assigned to you will be routed to your firewall - otherwise you wouldn't be able to use any of them. So if you just want to use all the public IP addresses assigned to you see my previous post.
If you want additional ones you need to talk to the people who you rent the building off. You cannot assign yourself public IPs.
i was given a list of non-sequancial IPs that I can use for myself, public IPs and I need to use those IPs
my setup is like this
internet <-> building.network (switch) <-> pix <-> my.server
they not routed to my pix, so i just have to take them, thats how i assigned one of them to pix right now (outside), but i have list of other ips that i need somehow route over myself or assign to myself, which i dont know how...
Okay, out of those IP addresses you have used one of the IP addresses for the outside interface of your pix.
So as per previous post you can use the other IP addresses to represent internal addresses.
From your example above
my.server = 192.168.5.10
One of the spare public IP addresses = 184.108.40.206
static (inside,outside) 220.127.116.11 192.168.5.10 netmask 255.255.255.255
the above statement tells your pix that any requests arriving at the outside interface of your pix for 18.104.22.168 will be translated to 192.168.5.10. It also says any traffic coming from 192.168.5.10 destined for the internet will be translated to 22.214.171.124 as it goes out.
You need to make sure you have allowed access to your server if you want people from the Internet to access the internal server ie. see previous post for access-list details.
i already have all that in my pix, the problem is i have more the one static route into my pix, and since just one of ip is assigned to my outside interface and rest just out somewhere...
so i somehow need to assign more then 1 ip to my outside interface
or whenever you said "route" to me, how would I explain it to their network guy? if he's not knowlegable enough? if i get access to their route what do i need to do there?
If they are in the same subnet you should not need to add routes anywhere - if they were in a different subnet you would.
Can you post the IP address of
1) The outside interface of your pix + the subnet mask that goes with it
2) The default-gateway on your pix
3) The spare addresses
You do not to post real addresses but you do need to post the correct last octet eg.
They are all part of the same subnet so you should not need any additional routes as far as i can see. This presumably what the network looks like
Internet -> Building_router (126.96.36.199) -> (188.8.131.52) -> your pix -> yourserver
I'm guessing .56 is the pix address.
So it looks like there might be a problem with the pix configuration. Can you post
1) the config minus any sensitive info
2) the inside address of the server
3) the public ip address you have assigned to the server