I've got a Pix that is statically mapping an internal ip to a global. Now my question is when I'm sitting inside the network. I can only reach that equipment with the private address and not with the public. But when I'm on the outside, I currently am able to reach it only by the public address. Arent I suppose to reach it by the public address regardless where I am. And is there a configuration I'm missing to put in my PIX that will allow it. Any help would be appreciated.
This is the default PIX behavior. If you're trying to access the resource using DNS, you can use the key word "DNS" after your static command which should do DNS fixups. You need to be runnung 6.2 for this, I believe.
Check the Cisco Docs for more infor regarding the static command.
I've experienced this problem -- use the alias command to allow NAT on interfaces with a higher security number (I believe that's what it's for). Anyway, look in your reference book... here's what I did for my alias command (it allowed me to access the global address from the inside interface):
alias ( ) 255.255.255.255
intf = the interface you're wanting to access the global IP from (ie. your inside interface, etc.)
If you're not doing a one-to-one translation (static for one IP address) then change the subnet mask to reflect that.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :