You can use the single IP address on your outside interface without a problem.
If your outside address is 200.200.200.200 and you have a mail server on your inside 10.1.1.1 and a telnet server on your inside 10.2.2.2, you can do this: static (inside,outside) tcp 200.200.200.200 smtp 10.1.1.1 smtp static (inside,outside) tcp 200.200.200.200 telnet 10.2.2.2 telnet conduit permit tcp 200.200.200.200 255.255.255.255 eq smtp any conduit permit tcp 200.200.200.200 255.255.255.255 eq telnet any Hth, Ole ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ http://www.RouterChief.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Need a Job? http://www.OleDrews.com/job ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -----Original Message----- From: Ciaron Gogarty [mailto:[EMAIL PROTECTED]] Sent: Friday, August 02, 2002 8:29 AM To: [EMAIL PROTECTED] Subject: Re: Pix static mappings to the inside [7:50500] I not sure what code your using, but Cisco recommend using Access-lists instead of conduit statements. Just create a typical cisco access-list (except don't invert your masks) and apply it inbound to the outside interface and you will get the same result as your conduits!! C ----- Original Message ----- From: "Elijah Savage III" To: Sent: Friday, August 02, 2002 4:23 AM Subject: Pix static mappings to the inside [7:50500] > I have my pix 501 firewall working but I have yet to be able to get > static mapping working. I try this > > Static "outside ip address" "inside ip address" > > Conduit permit tcp outside ip inside ip eq 25 any > > > > When I issue these commands I can get mail into my mail server behind > the pix but it breaks my nat. I have read that it is not good to use > your outside global ip address for static mapping but if you only have 1 > static ip address how else can you do it. > > > > With me only having one static ip will this work? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=50537&t=50500 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
