Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Cisco Employee

Natting ouside IP

Hi ,

We have a PIX 515 6.3

we have the following problem.

We want to publish a server in our DMZ to the internet. The problem is that we should nat the IP of host from internet to a private net .

Is that possible ?

thanks

2 REPLIES
New Member

Re: Natting ouside IP

Sure - we do it in our development environment.

Just reverse your nat/global statements for reverse NAT (source NAT).

For example, we use:

global (inside) 2 192.168.100.250

nat (outside) 2 10.0.0.0 255.0.0.0 outside 0 0

Which takes all inbound connections from the outside and source NAT's them to 192.168.100.250 which is how our servers inside now perceive all connections.

-Greg

Gold

Re: Natting ouside IP

what you try to achieve here is to allow internet user to access a server at your dmz, right? if so,

static (dmz,outside) netmask 255.255.255.255 0 0

access-l xxx permit tcp host eq www

access-g xxx in interface outside

hope this help

86
Views
0
Helpful
2
Replies
CreatePlease login to create content