Does anybody know if I can configure our PIX to have two NAT's for the same host? Basically our PIX is setup with one inside interface, one server interface, and one ourside interface. I currently have a static nat for the server so that when you go to the public address from the inside interface it translates to the servers real IP. I also need to be able to get to the servers real IP address from the inside interface while still being able to get to the server via it's public address from the inside interface. Here are some portions of the configuration;
access-list acl_out extended permit tcp any host XXX.XXX.XXX.147 object-group http-https
access-list dmz2outside extended permit tcp any host XXX.XXX.XXX.147 object-group http-htts
access-list inside2outside extended permit tcp any host XXX.XXX.XXX.147 object-group http-https
static (dmz,outside) XXX.XXX.XXX.147 LB1_10.107.252.10 netmask 255.255.255.255 dns
but the PIX will not let me add that to the configuration stating that the other static rule exists. I don't believe that we can do what we are trying to accomplish here but I just wanted to see if anyone knows for sure.
We actually created a new server on our load balancers and created anew NAT for it so now we can change the dns records to the new IP and just phase out the old private and public IP. Thanks for looking but we are all set now.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...