Hi,
Firstly, I haven't tested this but - I think that a solution consisting of
external addresses being nat'd into internal private address simply won't
work. Even if it did Cisco would not support it. I checked the TAC and they
state quite clearly that NAT is (on the PIX) designed in the direction of
internal to external.
The only reliable, secure and supported solution is a static/conduit setup.
Hope this helps
-----Original Message-----
From: PSIHOYIOS PANAYIOTIS [mailto:[EMAIL PROTECTED]]
Sent: 22 May 2001 11:11
To: [EMAIL PROTECTED]
Subject: RE: PIX question... [7:5248]
Hi all,
Just configure the outside interface as you would configure the inside
interface (nat on the outside with a global pool on the inside).
Regards,
=====================================================================
Panayiotis Psihoyios SyNET S.A.
CCNP (Security, ATM), CCDP, MCP 118 B, Agias Eleoussis Street
Network Engineer GR 151 25 Maroussi
email: [EMAIL PROTECTED] Athens - Greece
Tel:++ 301 61 29 500 Fax: ++ 301 61 25 313
=====================================================================
> -----Original Message-----
> From: Rizzo Damian [mailto:[EMAIL PROTECTED]]
> Sent: Monday, May 21, 2001 5:16 PM
> To: [EMAIL PROTECTED]
> Subject: PIX question... [7:5248]
>
>
> Hey all, is it possible to translate public IP addresses (outside) to
> private IP addresses (inside) on a PIX firewall. Basically the exact
> opposite of what's usually performed on a firewall. We are
> going to have
> users dial in to our internet router and receive a Public IP
> address. They
> have to get through our firewall to gain access to our LAN.
> Is there a way
> to translate the Public IP address they will obtain into a private IP
> address used by our LAN so they can access it? I thank you
> for your help...
>
>
> -Rizzo
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
**********************************************************************
This communication is confidential and is intended only for
the person to whom it is addressed. If you are not that
person you are not permitted to make use of the information
and you are requested to notify mailto:[EMAIL PROTECTED]
immediately that you have received it and then destroy the
copy in your possession.
comdirect ltd is regulated by the SFA and is a member of the LSE.
**********************************************************************
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=5410&t=5248
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
