Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

public ip's behind private interface

Hey All,

Trying to upgrade from a watchguard to pix 515e. The watchguard was allowing my class c public set of ip address to reside behind the firewall (without nat).

Is there a way to accomplish this with the pix? If so, could you let me in on the secret?

do I have to assign private ip's to what once was a public host and provide an alias? That seems to be a lot of overhead. Can I us a DMZ if so, will I have to subnet my class C to provide different networks for the DMZ interface and the public interface?

Danke alle

Matt

3 REPLIES
Bronze

Re: public ip's behind private interface

Hi,

you can do :

static (inside, outside) pub-ip-subnet pub-ip-subnet

thx

Afaq

New Member

Re: public ip's behind private interface

HI.

You can also use:

nat (inside) 0 ...

or

nat (dmz) 0 ...

It depends on the exact scenario you have.

Yizhar

New Member

Re: public ip's behind private interface

Hey Yizhar,

Thats just it, I don't have one yet. I don't mind rethinking, the way my network is setup. I am just trying to figure out what would be the best way. I have a public class c pool. I need public servers either in the dmz or in the private area. To put the servers behind the private int. would i need to subnet my class c to accomodate putting the servers behind the private int. would i use the alias command.

what would be the best practice with the least amount of overhead

Thanks

Matt

104
Views
0
Helpful
3
Replies
CreatePlease login to create content