02-09-2004 06:18 AM - edited 03-09-2019 06:21 AM
Hi ,
We have a PIX 515 6.3
we have the following problem.
We want to publish a server in our DMZ to the internet. The problem is that we should nat the IP of host from internet to a private net .
Is that possible ?
thanks
02-09-2004 10:37 AM
Sure - we do it in our development environment.
Just reverse your nat/global statements for reverse NAT (source NAT).
For example, we use:
global (inside) 2 192.168.100.250
nat (outside) 2 10.0.0.0 255.0.0.0 outside 0 0
Which takes all inbound connections from the outside and source NAT's them to 192.168.100.250 which is how our servers inside now perceive all connections.
-Greg
02-11-2004 03:28 PM
what you try to achieve here is to allow internet user to access a server at your dmz, right? if so,
static (dmz,outside)
access-l xxx permit tcp host
access-g xxx in interface outside
hope this help
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: