Pix 501 Multiple public IP's to single private IP

Discussion in 'Cisco' started by off_center, Mar 22, 2005.

  1. off_center

    off_center Guest

    how do i configure my pix to route two public ips to one single ip.


    if i try this i get and error about overlapping ips


    static (store, outside) tcp 24.x.x.98 80 10.0.0.47 80 netmask
    255.255.255.255
    static (store, outside) tcp 24.x.x.98 443 10.0.0.47 443 netmask
    255.255.255.255
    static (store, outside) tcp 24.x.x.99 80 10.0.0.47 10001 netmask
    255.255.255.255
    static (store, outside) tcp 24.x.x.99 443 10.0.0.47 444 netmask
    255.255.255.255
     
    off_center, Mar 22, 2005
    #1
    1. Advertisements

  2. :how do i configure my pix to route two public ips to one single ip.

    You can't. Fortunately for you, that's not what you want to do.

    :if i try this i get and error about overlapping ips

    :static (store, outside) tcp 24.x.x.98 80 10.0.0.47 80 netmask 255.255.255.255
    :static (store, outside) tcp 24.x.x.98 443 10.0.0.47 443 netmask 255.255.255.255
    :static (store, outside) tcp 24.x.x.99 80 10.0.0.47 10001 netmask 255.255.255.255
    :static (store, outside) tcp 24.x.x.99 443 10.0.0.47 444 netmask 255.255.255.255

    That should be fine provided that neither 24.x.x.98 nor 24.x.x.99
    are the same IP as your outside interface. If either one of them is,
    then substitute the word 'interface' instead of the IP address. For
    example,

    static (store,outside) tcp interface 80 10.0.0.47 80 netmask 255.255.255.255

    The lines you show will not overlap with each other. They would,
    though, oeverlap if there is another static such as

    static (store,outside) 24.x.x.98 10.0.0.52 netmask 255.255.255.255

    Plain static, without any port information, takes priority over
    static PAT.
     
    Walter Roberson, Mar 22, 2005
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.