Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

can pix do this?

can pix do this?


for instance,pix's public address is,its private ip address is,there is a server whose ip address is,if someone in internet want to access tcp ports from 2000 to 5000 of,the pix can forward all the traffic to can,how to do this?

2.VPN problem

the structure is :

INTERNET--ROUTERA--PIX--LAN,both the ip address of inside and outside of the router are public address,and both the ip address of inside and outside of the pix are private address,.but I use NAT to translate the pix's outside ip address to a public address,then can pix act as a vpn server?that means if someone in internet can dialer in the pix with cisco vpn client software?if can,is there any diffirent config in pix or router?in the pix's place,if there is a routerb or vpn3000,can they act as vpn server?



Re: can pix do this?

1. You ideally want another legitimate internet ip address so that you could statically map it to Otherwise, if you are using PAT, you would need a static port forwarding statements for each of those ports, which would be ugly. If you cannot get another ip to statically map to, I would recommend considering only allowing access to that app through a vpn.

2. how can you have legit ip addresses on both ints of the router, and not one on the outside of the pix? aren't the routers inside int and the pix's outside on the same subnet?

CreatePlease to create content