i have not tested a pix501, but i hope, it's still the same like on 506 and higher.
you can do a global (outside) 1 interface nat (inside) 1 0 0 and at the same time (depending on your internal network) for example static (inside,outside) tcp interface 1111 10.0.0.1 22 if you are connecting the outside address of pix at port 1111/tcp you will get a ssh connection to 10.0.0.1 don't forget setting the acl/conduit! dirk "Noonan, Wesley" wrote: > As I understand it, and in my experience with the PIX 515, if I want to have > internal services advertised to the outside world (i.e. FTP) the external > interface of the PIX 515 requires at least 2 IP addresses, 1 for the > external interface itself which is used to source all outbound requests > (NAT/PAT) and at least 1 more IP address to service the inbound requests > (via ACL/Conduit). > > My question is whether the PIX 501 is the same way. I would like to use it > as my SOHO solution, but I have web, ftp, mail and DNS services that I need > to advertise, and my provider only issues a single (I could get multiple, > but fail to see how it would help) DHCP address. Can the PIX 501 do this > over a single DHCP obtained IP address? > > Unfortunately, I haven't had a chance to mess with the PIX 501, and don't > want to shell out the $$$ unless I am reasonably certain it can do what my > GNATBox can. > > TIA. > > Wes Noonan, MCSE/MCT/CCNA/CCDA/NNCSS > Senior QA Rep. > BMC Software, Inc. > (713) 918-2412 > [EMAIL PROTECTED] > http://www.bmc.com > > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
