Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Many-to-One DNAT?

Hypothetical situation -

net 10.10.10.0/24 routes to PIX 'outside' int

webserver on the 'inside' at 192.168.1.1

ACLs asside for the moment, is it possible to have any www traffic hitting the 'outside' interface forwarded towards 192.168.1.1?

Without keying up 255 'alias' entries that is.

3 REPLIES
New Member

Re: Many-to-One DNAT?

static (inside,outside) tcp interface 80 192.168.1.1 80 netmask 255.255.255.255

should take care of your requirement

New Member

Re: Many-to-One DNAT?

Thanks for the quick reply but I think I miss-stated what I was going for. "any www traffic hitting the outside int" could have been put a bit more clearly.

Say the outside int ip is 172.16.1.1

Some arbitrary outside router directs 10.10.10.0/24 to 172.16.1.1

I'd like to be on the 'outside' and point my browser to http:\\10.10.10.x and have the PIX automagically show me content on that inside host - where "x" is anything on the subnet.

The static suggestion would work fine but only if I was after http:\\172.16.1.1

New Member

Re: Many-to-One DNAT?

I believe you can only have a single one-to-one NAT for the internal 192.168.1.1 web server.

100
Views
0
Helpful
3
Replies
CreatePlease to create content