Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

pix 515 static question

I have setup a pix 515 at home on my broadband connection for testing. I was wondering if it is possable to use the static command to map a Internal to the dhcp assigned address from ISP. I have setup a reverse DNS client to map the dhcp assigned WAN address to a public dns server.

Example:

interface0 outside

interface1 inside

ip address outside dhcp setroute

ip address inside 172.16.0.1

ip route 0.0.0.0 0.0.0.0 dhcp

Thanks,

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: pix 515 static question

Assuming you have something like:

> nat (inside) 1 0 0

> global (outside) 1 interface

for your outbound traffic, you can do the following for inbound:

> static (inside,outside) tcp interface 80 172.16.0.2 80 netmask 255.255.255.255

This'll map any TCP port 80 packet destined for the PIX outside interface to the internal server at 172.16.0.2 on port 80. The keyword "interface" simply means the outside interfaces IP address. You can add as many of these port mappings as you like. The ports don't have to be the same either, you can map port 80 to port 345 if you like.

1 REPLY
Cisco Employee

Re: pix 515 static question

Assuming you have something like:

> nat (inside) 1 0 0

> global (outside) 1 interface

for your outbound traffic, you can do the following for inbound:

> static (inside,outside) tcp interface 80 172.16.0.2 80 netmask 255.255.255.255

This'll map any TCP port 80 packet destined for the PIX outside interface to the internal server at 172.16.0.2 on port 80. The keyword "interface" simply means the outside interfaces IP address. You can add as many of these port mappings as you like. The ports don't have to be the same either, you can map port 80 to port 345 if you like.

95
Views
0
Helpful
1
Replies
CreatePlease to create content