I only have 2 ip addresses that I can assign to my PIX. I need to open up mail, web, and https to the outside world. Everything I have read does a one-to-one static translation. Can I do a one-to many translation like this?
access-list 100 permit tcp any host XXX.XXX.XXX.15 eq www
access-list 100 permit tcp any host XXX.XXX.XXX.15 eq smtp
access-list 100 permit tcp any host XXX.XXX.XXX.15 eq ftp
static (inside,outside) XXX.XXX.XXX.15 192.168.1.4 netmask 255.255.255.255 0 0
static (inside,outside) XXX.XXX.XXX.15 192.168.1.5 netmask 255.255.255.255 0 0
static (inside,outside) XXX.XXX.XXX.15 192.168.1.6 netmask 255.255.255.255 0 0
access-group 100 in interface outside
I know this can be done on any other firewall, just not sure about the PIX.
I have successfully done this on a checkpoint,Raptor and ISA with out any issues.
Thanks for your help