10-08-2005 02:31 AM - edited 02-21-2020 12:27 AM
Hello, I have a pix 515 in V7.0 version. I must make Nat Destination for PCs in inside. I must nat destination of a public addresse (public1) to an other public addresse (public2). This translation functions correctly,with "static (outside,inside) public1 public2 netmask 255.255.255.255" but when i want to go to the address public2 directly whithout Nat Destination, with Pat Source, i can't, I have an error message : No translation group found for protocol.
Thank you for your assistance
10-08-2005 04:41 AM
"static (outside,inside) public1 public2 netmask 255.255.255.255", so public2 is the real ip of the pc.
i guess it's normal as the pix will not recognise any traffic with destination public2 from the outside interface.
e.g.
static (outside,inside) 10.0.0.1 192.168.0.1 netmask 255.255.255.255 0 0
pix outside interface will be able to identify traffic with destination 10.0.0.1 not 192.168.0.1, as 192.168.0.x/24 is secured by pix. in other words, pix will not and should not expose the private network regardless whether the network is public or private.
there maybe workaround with the issue. would you please provide more details in terms of the ultimate objective?
10-09-2005 10:27 AM
The problem met it is that I have PCs which have a bad address IP (public1) of smpt server in their smpt client. To prevent modifying the configuration of the PCs a translation is installation so that when these PC send a request smtp, this one is sent towards the good smpt server (public2). On the other hand there are PCs which are configured correctly, and those must be able to question the good smpt server (public2).
This configuration functions already with a firewall Winroot which I must replace by Pix.
The PCs are in inside, the smtp servers public1 and public2 are in outide.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide