Re: natting on the pix firewall which is having two interfaces 5

mukthar786 · ‎05-30-2006

dear sir,

i want to do the natting on the pix firewall which is having two interfaces

E0---XXX.210.233.69 255.255.255.248

E1 --10.1.105.1 255.255.0.0

THE INTERNET CONNECTION IS CONNECTING TO 1711 ROUTER whos IP ADD XXX.210.223.66

& pix is connected to the 1711 router.

please suggust to natting.

best regards.

jmia · ‎05-30-2006

The PIX will do the NAT’ing for you; all you’ll need to make sure are as follows:

ip address outside xxx.210.233.69 255.255.255.248

ip address inside 10.1.105.1 255.255.255.0

global (outside) 1 interface

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

route outside 0.0.0.0 0.0.0.0 xxx.210.223.66

The above setup will NAT all your internal hosts to one public IP (i.e. xxx.210.233.69). If you have more than one public IP available to you then you can change the above configuration but to get everything up and running the above will be just fine.

If you have internal mail server and require smtp access with one public IP then the following will suffice:

access-list mail_in permit tcp any host xxx.210.233.69 eq smtp

access-group mail_in in interface outside

static (inside,outside) tcp interface smtp smtp netmask 255.255.255.255 0 0

Make sure that your MX record is pointing to xxx.210.233.69, also after the ACL and static configuration make sure to issue – clear xlate and save with write mem.

There are other setup methods but the above should be ok to get you up and running!!

Let me know how you get on, please rate posts if it helps.

Jay

natting on the pix firewall which is having two interfaces 525