pix nat, 1 ip (basic question)

Discussion in 'Cisco' started by Adam KOSA, Jan 14, 2005.

  1. Adam KOSA

    Adam KOSA Guest

    Hi folks,

    i'm confused, reading the pix docs. i understand how to do static and acl
    configs to provide access to dmz servers. but missing the theory, and
    therefore i'm confused about this: can the pix (515e) do this:

    static (dmz,outside) tcp <ext ip> 80 <dmz server ip> 80
    access-list acl_outside permit tcp any <ext ip> eq 80

    with only one external ip address? i mean the <ext ip> can be the pix's
    ip address? or does it have to be different; do i have to have at
    least 2 ip addresses to provide access to dmz servers?

    thanks
    Adam
     
    Adam KOSA, Jan 14, 2005
    #1
    1. Advertising

  2. In article <>,
    Adam KOSA <> wrote:
    :i'm confused, reading the pix docs. i understand how to do static and acl
    :configs to provide access to dmz servers. but missing the theory, and
    :therefore i'm confused about this: can the pix (515e) do this:

    :static (dmz,outside) tcp <ext ip> 80 <dmz server ip> 80
    :access-list acl_outside permit tcp any <ext ip> eq 80

    :with only one external ip address? i mean the <ext ip> can be the pix's
    :ip address? or does it have to be different; do i have to have at
    :least 2 ip addresses to provide access to dmz servers?

    Use the keyword 'interface' where you have <ext ip> in static
    statements, and 'interface outside' in ACLs.

    static (dmz,outside) tcp interface 80 <dmz server ip> 80
    access-list acl_outside permit tcp any interface outside eq 80


    --
    Take care in opening this message: My grasp on reality may have shaken
    loose during transmission!
     
    Walter Roberson, Jan 14, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Oleg Tipisov

    PIX Policy NAT: order of NAT commands

    Oleg Tipisov, Aug 12, 2004, in forum: Cisco
    Replies:
    4
    Views:
    8,966
    Walter Roberson
    Aug 13, 2004
  2. Jose
    Replies:
    3
    Views:
    2,005
  3. Jaime
    Replies:
    2
    Views:
    594
    Jaime
    Sep 20, 2003
  4. Jimmy Dean
    Replies:
    3
    Views:
    1,244
    Duane Arnold
    Jul 25, 2005
  5. Sharp Dressed Man

    TurboTax Basic vs. Taxcut Basic?

    Sharp Dressed Man, Jan 10, 2009, in forum: Computer Support
    Replies:
    1
    Views:
    695
    Sharp Dressed Man
    Jan 12, 2009
Loading...

Share This Page