Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Pix 6.x w/ one IP howto?

Hello there;

This should be an easy one - could someone please point me in the right direction? I've seen this config before, but don't remember where.

Thank you,

Jonathan

3 REPLIES
Cisco Employee

Re: Pix 6.x w/ one IP howto?

how to what?

If you mean you only have one IP address, then for outbound traffic do:

> nat (inside) 1 x.x.x.x

> global (outside) 1 interface

If you have any internal servers that require connections from the outside, then you'll have to port-map them with a static thus (example using port 25):

> static (inside,outside) tcp interface 25 y.y.y.y 25 netmask 255.255.255.255

where y.y.y.y is your internal SMTP server address.

Community Member

Re: Pix 6.x w/ one IP howto?

appreciate the input. that sounds familiar, thank you.

-jonathan

Community Member

Re: Pix 6.x w/ one IP howto?

Hi Glenn,

there is one problem in configuring that. You need to define an access-rule outside incoming like following:

access-list outside_in permit tcp any host "outside ip" eq 25

now if your pix receives an ip address via pppoe or dhcp from your provider, how will you change your "outside ip" dynamically?

So your config is correct and works fine if you have one ip address AND if it is static defined by your provider.

Regards Norbert

100
Views
0
Helpful
3
Replies
CreatePlease to create content