Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT public IP to IP inside DMZ

I am trying to NAT an outside IP address to an address in the DMZ and allow only port 80 to that ip address in the dmz.

I'm not that familiar with DMZ configuration, what would the configuration for that look like?

1 REPLY
Green

Re: NAT public IP to IP inside DMZ

pix ip address outside = 1.1.1.1

pix ip address dmz = 192.168.200.1

webserver = 192.168.200.10

webserver outside ip = 1.1.1.2

static (dmz,outside) 1.1.1.2 192.168.200.10 netmask 255.255.255.255

access-list outside permit tcp any host 1.1.1.2 eq 80

access-group outside in interface outside

or if you're using 1.1.1.1 to access webserver you could have this...

static (dmz,outside) interface 192.168.200.10 netmask 255.255.255.255

or port translate like this...

static (dmz,outside) tcp interface 80 192.168.200.10 80 netmask 255.255.255.255

107
Views
5
Helpful
1
Replies