Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT translating multiple outside addresses to one inside address

Hi guys,

I'm putting a new PIX as the outside firewall of our DMZ, there is an ISA server between the new PIX and the internal network.

There are two web servers inside the ISA and both have their IP addresses translated to the outside interface of the ISA firewall for port 80.

Now I need to put a NAT on the PIX to translate two public ip addresses to the ip address of the ISA firewall outside interface for Internet users to use both web servers.

But it seems to me that PIX doesn't do it. Could any one tell me how this can be done?

Here is the diagram of my network:

Internal-192.168.0.X(ISA)10.0.0.1----10.0.0.2(PIX)123.2.3.1----123.2.3.4(router)

Two web servers are on the Internal network, both translated to 10.0.0.1/80. The ISA server identifies the different web server by URL.

Thanks,

Joy

1 REPLY
Cisco Employee

Re: NAT translating multiple outside addresses to one inside add

Joy,

As you mentioned, the PIX will not allow to NAT 2 external (outside) address to NAT to one inside address.

The only workaround i can think of is to have a secondary IP address on your ISA server and NAT 2 outside address to 2 inside address, and since both inside address are configured on your ISA PC, it will arp for it.

HTH

R/Yusuf

234
Views
0
Helpful
1
Replies