Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Can A PIX do Port Forwarding

We have NAT to a device in the DMZ and I want to forward traffic coming via the NAT forwarded to another PC in the SMZ which has not 1 to 1 NAT.

Can this be done.

5 REPLIES

Re: Can A PIX do Port Forwarding

Hi,

you should use the static command for this.

With the static command (please specify the port/service inside the static command) you create a 1 to 1 natting for that specific port/service.

Kind Regards,

Tom

New Member

Re: Can A PIX do Port Forwarding

I used the following and it worked, thanks.

static (DMZ,outside) tcp 207.164.111.246 http 10.245.7.234 http netmask 255.255.255.255 0 0

static (DMZ,outside) tcp 207.164.111.246 http 10.245.7.218 http netmask 255.255.255.255 0 0

New Member

Re: Can A PIX do Port Forwarding

Is there any reason why this would work then stop responding after a while until I clear xlate then it works again.

static (DMZ,outside) tcp 207.164.111.246 http 10.245.7.234 http netmask 255.255.255.255 0 0

static (DMZ,outside) tcp 207.164.111.246 https 10.245.7.218 http netmask 255.255.255.255 0 0

Gold

Re: Can A PIX do Port Forwarding

Hi -

Did you save the config with command 'write memory' and then do command 'clear xlate' and is https on the 2nd line should be there?

Thanks - Jay

New Member

Re: Can A PIX do Port Forwarding

I'm pretty sure I did that maybe not in that order, I put the following PAT config back in.

static (DMZ,outside) tcp 207.164.141.246 http 10.245.7.234 http netmask 255.255.255.255 0 0

static (DMZ,outside) tcp 207.164.141.246 https 10.245.7.234 https netmask 255.255.255.255 0 0

static (DMZ,outside) tcp 207.164.141.246 SMTP 10.245.7.118 SMTP netmask 255.255.255.255 0 0

86
Views
0
Helpful
5
Replies
CreatePlease to create content