PAT itself won't help you...Pat is only for outbound connections. You
didn't mention what version of PIX you have so I'll give you some insight.
If you are running PIX 6.01 or can upgrade to it, then things are looking
up. I believe that this version of PIX supports port redirection, which can
accept a variety of traffic on a single address and forward to various
internal addresses based on TCP/UDP port used. A coworker told me that you
can even do this on a single address that is also used for outbound PAT but
I haven't confirmed this yet. It may also be possible that some of the 5.x
versions of PIX support port redirection, but again, I haven't confirmed
this.
Anyway, check them out.
---
Rik Guyler
-----Original Message-----
From: Bruce Williams [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 09, 2001 3:35 PM
To: [EMAIL PROTECTED]
Subject: PIX Question [7:15518]
I have many devices on the inside (most secure) interface of my PIX that I
need to allow telnet and ftp access to users from the outside (least secure)
interface of the PIX. I know that I can create a static map to the inside IP
addresses, but I dont have enough outside IP addresses to support all of the
devices on the inside. I am using PAT to allow users from the inside (most
secure) interface to get access to the outside (less secure) interface. Can
I use PAT the same way to allow outside users to access the inside servers
on one address or is there a way to open the PIX up for all users from the
outside to get in on a temporary basis?
Bruce Williams
215-275-2723
[EMAIL PROTECTED]
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=15572&t=15518
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
