Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

can pix do this?

can pix do this?

1.NAT PROBLEM

for instance,pix's public address is 218.242.2.1,its private ip address is 192.168.0.1/24,there is a server whose ip address is 192.168.0.100,if someone in internet want to access tcp ports from 2000 to 5000 of 218.242.2.1,the pix can forward all the traffic to 192.168.0.100?if can,how to do this?

2.VPN problem

the structure is :

INTERNET--ROUTERA--PIX--LAN,both the ip address of inside and outside of the router are public address,and both the ip address of inside and outside of the pix are private address,.but I use NAT to translate the pix's outside ip address to a public address,then can pix act as a vpn server?that means if someone in internet can dialer in the pix with cisco vpn client software?if can,is there any diffirent config in pix or router?in the pix's place,if there is a routerb or vpn3000,can they act as vpn server?

thanks

1 REPLY
Silver

Re: can pix do this?

1. You ideally want another legitimate internet ip address so that you could statically map it to 192.168.0.100. Otherwise, if you are using PAT, you would need a static port forwarding statements for each of those ports, which would be ugly. If you cannot get another ip to statically map to 192.168.0.100, I would recommend considering only allowing access to that app through a vpn.

2. how can you have legit ip addresses on both ints of the router, and not one on the outside of the pix? aren't the routers inside int and the pix's outside on the same subnet?

181
Views
0
Helpful
1
Replies
CreatePlease to create content