The reply *should* come from the IP that the request arrived at ... ...
Thanks! TJ -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 05, 2002 12:38 AM To: [EMAIL PROTECTED] Subject: Re: Pix NAT - Two to one [7:37179] When the two outside addresses are resolved to the single inside address (port 80) everything is OK but when the web server sends back a reply which of the address translations with be used? If the wrong one is picked any firewall will choke on it, and if no firewall, the other end of the connection may get traffic from a source address it doesn't know anything about. End result is that the two outside addresses need to be associated with two distict inside addresses. Hope this helps, Scott --- On Mon 03/04, Gaz wrote: > Eventually, two separate static commands for two separate outside > addresses > going to two separate DMZ addresses. > At the moment there is just one machine inside. Possibility of putting > multiple addresses on the server but preferred option is not to do this. > What I would like to miss out is the time required to wait for DNS to > propagate when I split the single outside address to two. If I can leave > the > DNS pointing to two addresses and make the changes at the required time, > there is no delay involved. > > Thanks, > > Gaz > > > ""Patrick Ramsey"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > what is the overall goal? > > > > >>> Gaz 03/04/02 03:06PM >>> > > Hi all, > > > > Has anybody tried NAT'ing two outside addresses to one internal > (DMZ) > > address on the same port (80) in some way. > > Not too difficult to get round, as I can get the DNS of one site > changed > and > > use the single address outside to single inside. > > The advantage would be that when the web sites are separated, to two > > machines inside, I would like to be able to change the pix settings > > immediately rather than change DNS and wait a couple of days for DNS > to > > propagate. > > I'm sure there may be some simple way of doing it, but I couldn't > find it > > whilst playing about today. > > > > Any ideas welcome. > > > > Thanks, > > > > Gaz > > >>>>>>>>>>>>> Confidentiality > Disclaimer This email and any files > transmitted with it may contain confidential and > > /or proprietary information in the possession of WellStar Health > System, > > Inc. ("WellStar") and is intended only for the individual > or entity to > whom > > addressed. This email may contain information that is held to be > > privileged, confidential and exempt from disclosure under applicable > law. > If > > the reader of this message is not the intended recipient, you are > hereby > > notified that any unauthorized access, dissemination, distribution > or > > copying of any information from this email is strictly prohibited, > and may > > subject you to criminal and/or civil liability. If you have received > this > > email in error, please notify the sender by reply email and then > delete > this > > email and its attachments from your computer. Thank you. > > > > ================================================================ ***************************************************************************** The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. ***************************************************************************** Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=37559&t=37179 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
