setting up address translation rule in PDM

Discussion in 'Cisco' started by cisco, Jul 9, 2007.

  1. cisco

    cisco Guest

    Hi: I posted the "static routing question" but probably didn't give enough
    information.

    I'm trying to add an Address Translation Rule to take https traffic from the
    outside IF and route it to a specific IP on the inside interface, using the
    PDM 3.0 on a Pix 506e.

    I specify the original host/network as:

    IF: inside
    IP address: 192.168.0.100
    Mask: 255.255.255.255

    and set "translate address on interface" to:

    IF: Outside
    Static IP Address: Interface IP
    "Redirect Port" is checked
    TCP is checked
    Original Port: 443
    Translated Port: 443

    When I click "OK" I get a popup "Overlaping/Redundant translation rule"
    "This static port mapping translation rule is overlapping with a dynamic
    address translation for inside: 0.0.0.0/0.0.0.0(any) uing global pool 1. Do
    you still wish to proceed?"

    "global pool 1" is a VPN pool

    I click "stop" at this point for fear of mucking something up...what do I
    need to do to set this up correctly?
     
    cisco, Jul 9, 2007
    #1
    1. Advertisements

  2. cisco

    CK Guest

    Hope you are having access-list defined on inside interface.
    Did you tried static nat for this. as you mention you want all Https
    traffic o redirect to 192.168.0.100
    Try below command
    static (inside,outside) tcp interface 443 192.168.0.100 443 netmask
    255.255.255.255 0
     
    CK, Jul 10, 2007
    #2
    1. Advertisements

  3. cisco

    Chad Mahoney Guest

    The message is normal, select proceed and create the ACL for the traffic.
     
    Chad Mahoney, Jul 10, 2007
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.