Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Still learning

I have an existing network that I am installing a pix firewall into. I am putting the web and email servers in the middle of the fire wall to give them some protection. I am trying different sinarios to try to keep from having to change the ip addresses of these servers. Its a real pain getting network Va to change to a new address. I own a class C and the web and email are at 3 and 4 . Can I do a static translation from a public class c address to a private class a address? What are the commands?

1 REPLY
New Member

Re: Still learning

First, the web servers and mail servers etc. should go into the DMZ that you create. (just another interface). As far as addressing goes you can use either publics or privates in your DMZ, it doesn't matter. What does matter is rather or not you NAT. If you are using privates then you need to set up a NAT

global (outside) 1 206.60.60.60-206.60.60.254 [NAT Pool]

nat (inside) 1 10.1.1.0 255.255.255.0

Publics

static (dmz,outside) 206.60.60.0 206.60.60.0

nat (dmz) 0 0 0

The static make the 206.60.60.0 network visable on the outside, the NAT statment says don't NAT 206.60.60.0 in the DMZ.

I suggest you reaed up on this and look at as many examples as possible before you do anything to drastic.

MS

112
Views
0
Helpful
1
Replies
CreatePlease to create content