We are using a PIX 501 behind a DSL modem. We have a single public IP address assigned to the outside interface of the modem, a single private IP address on the inside interface of the modem and a single private IP on the outside interface of the PIX. How can we route traffic (smtp / remote desktop (tcp 3389))pointed to the public IP (outside interface of the modem) to a system on the private subnet on the inside interface of the PIX?
Example: DSL modem outside: 207.154.14.xxx
DSL modem inside: 192.168.0.1
PIX outside: 192.168.0.2 (gateway 192.168.0.1)
PIX inside: 192.168.1.1
We want to route smtp / terminal services directed to 207.154.14.xxx to server 192.168.1.10. Thanks.
Thanks - it is a DSL modem, ActionTec 1524. All I can do on it is turn NAT off. I have set port forwarding on it to pass both port 25 and 3389 to the outside address of the PIX (192.168.0.2) and set the access-list in the PIX to allow those ports to pass to the server (192.168.1.10), do I need to set up a static route from 192.168.0.2 (outside PIX) to 192.168.1.10 (Server)?
Assuming you want to remote-desktop TO the inside pc (192.168.1.10) FROM an internet address, you would need to NAT the inside pc to a static global IP address.(seperate from DSL modem's external IP or PAT to specific port using the DSL modem extrenal IP)
When you access internet from your internal pc's (192.168.1.0/24) the source address is your DSL modem external IP, becuase of NAT. The return traffic is hence translated to the original private ip and forwarded to internal pc's.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :