I need to telnet from the public Internet into a box that is sitting behind a PIX and is using a private IP address. I have already used NAT to translate an available public IP to the internal/private IP of this box. However, the problem is that this box does not have the routing setup to properly reply to clients connecting to it from a source IP from the public Internet. Is there a way that I can somehow make clients with public Internet address look like they are being sourced from a private address? In this way the box would be responding to a private IP instead of the true source which is not reachable.
This certainly seems to be what I want to do and it jives with the documentation suggested in the previous post. However as soon as I apply the nat (outside) command it totally breaks all my outbound traffic that is being "natted inside". I thought that it might have to do with the ACL that I was using but even when I used a totally bogus ACL like:
it still broke my inside NAT. What's worse since I couldn't get outside anymore I couldn't even check if the outside NAT stuff was working. When I did a "show xlate" the xlate table looked OK but no traffic passed to inside hosts.
which networks are routed towards the PIX from the "telnet box" perspective. I wonder what prevents the box from accessing the internet? Is there no default gateway?
If no networks are routed towards the PIX, the box is inaccessible from the internet through this PIX. End of story.
If only a private network - f.e. 10.1.1.0/24 - is routed towards the PIX, you have the option of setting up a VPN to the PIX and assign an IP out of 10.1.1.0/24 to your VPN client. Or you setup source NAT, i.e. your internet IP should be translated to an IP out of 10.1.1.0/24 and in addition destination NAT, which you have already established as far as I understand.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...