Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Alternate for alias command inPIX

hi all,

Is there is any alternative command for alias command ( PIX Version 6.3 )with which Destination address can be NATed. PDM doesnt work because this command is not supported.

Cisco Employee

Re: Alternate for alias command inPIX

You can use the Destination-NAT static feature in 6.3 to do this.

Let's say you have a user on the inside that connects to a host at on a DMZ interface. The inside user actually connects to cause that's what his DNS query returns, but you need to change that to as it goes through the PIX.

THe command you need is as follows:

static (dmz,inside) netmask

Note how the interface names are swapped around from a "normal" static. The above command says that if the PIX sees a packet on the inside interface destined to, send it out the dmz interface destined to

Community Member

Re: Alternate for alias command inPIX

Say I have two inside interfaces and an outside interface:

DMZ_a host

DMZ_b host

public address for DMZ_b host is

If I want DMZ_a host to hit the public address for DMZ_b host, how would I set this up? Would it be like this:

static(DMZ_b,DMZa) netmask


CreatePlease to create content