I wanted to setup a web server inside but maintain the public ip address without doing NAT. Is it possible to have a pubic IP address on the inside and not do NAT with a PIX 501. Do I have to use a static command assigning the public IP its own public IP address? Thanks for the help.
Yes you can. It's possible to use the static command with the same address for both global IP (outside) and local IP (inside).
Since you will open the door to inside with this internal web server, i'm suggesting you to protect it, at least with a host based firewall and a host based IDS and some hardening technics. Also, don't forget to update frequently the OS and all application running on it.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...