Hi all, Here's something I've been pondering. How many external addresses do you need with a PIX firewall to have your PIX, PAT for the internal clients and to redirect port 80 to a web server? On an IOS router, you can do something like: (where 1.1.1.1 is an external IP and 10.x.x.x is internal) interface ethernet 0/0 ip address 1.1.1.1 ip nat outside interface ethernet 0/1 ip address 10.1.1.1 ip nat inside ip nat inside source list DoTheNat interface e0 overload ip nat inside source static tcp 1.1.1.1 80 10.1.1.2 80 extendable Or something like that. That would allow you to use 1 IP address for PAT, access to an internal web server. With a PIX, I can't seem to find the same functionality. With a PIX (at least one that's running 4.4) it seems to me that I need one IP address for the PIX, one for PAT and another one for the web server to use. Anyone know of a workaround for that, or do I need to start getting a block of IPs? Regards, Travis Gamble ___________________________________ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]