Hi, You are already using one global pool for one public IP so now you can't do the static mapping with the mail server. Hence u have to use another public IP and NAT.
Regards Vishal -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of kk downing Sent: Wednesday, February 20, 2002 2:32 AM To: [EMAIL PROTECTED] Subject: Cisco PIX DMZ with PAT ? Hello, We have a very small network with three IPs from our DSL provider. We currently have one legal IP as the public interface on our PIX, and we use PAT for a second address so that all machines on the private 10.0.0.0 network can use to get out to the internet. We just purchased a third NIC for a DMZ to put our mail server on. We obvioulsy want to allow public access to this machine for port 25. Is the correct way to do this to add a third legal IP for PAT and have our mail server use this IP for its public access or should we be hiding behind the public IP address on the public interface of our PIX and just have our MX records pointing to this IP and let PAT sort it out? I appreciate any feedback you could give me in this matter. Thank you. __________________________________________________ Do You Yahoo!? Yahoo! Sports - Coverage of the 2002 Olympic Games http://sports.yahoo.com _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
