Have one pix 506e and i have to do the following, can anyone please help me out or little understanding on NAT / Translation would be great.
1. pix 506e is connected to outside int with 2600 router, this router is connected to a gateway in an telecom exchange (which is actually my destination to reach through this pix)
2. inside int of pix 506e is connected to internal lan.
3. the administrator of this router( with whom we will establish commnucation by reaching their gateway eventually) has given me 4 ips form his network side say IP_Z which i have to configure on my PIX so that when my servers will try to reach his gateway he will not see my internal LAN ips but will see the IP_Z which he had given me. according to him i am suppose to do a translation from intertal LAN ip to IP_Z.
now i have configured the pix so that when from the pix i ping to his router i get success, i can ping the gateway which is in exchange from my pix, for this i just created a route on pix
route outside 0.0.0.0 0.0.0.0 IP_Gateway.
coming back to the question, i created a static route on pix
static (inside,outside) IP_Z Internal_LAN_IP netmask 255.255.255.255
but when i try to ping from my server to outside ip int of pix which has an IP Address from the same network subnet as his router intf has which is connect to pix outside intf (i hope it's clear), i get no response and the same results are when i try to ping the gateway from my server. do i need to applie an access-list allowing, i know for icmp i have to allow it since for lower security intface cannot access high security interface.
In short what i want is that on a PIX506E, what is the config to make the inside address/inside lan traffic say 10.10.1.1 leave the outside as 172.16.1.1 and I also need traffic coming into the outside interface destined for 172.16.1.1 to translate to 10.10.1.2
