I have a similar situation to this one:
http://www.experts-exchange.com/Security/Firewalls/Q_21310837.html?query=%22static+%28inside%2Coutside%29+tcp+interface+smtp%22&clearTAFilter=trueI have one public ip that I want to use for smtp and http. The smtp will be directed to a spam filter 172.16.0.23. The http will go to an OWA server at 172.16.0.21.
I have a PIX 515E - 6.3(3)
I have setup acls and statics as follows, but have had no luck getting this to work. It looks like all the traffic goes to 172.16.0.23 ( the filter). I can't seem to get the www and https to direct to the web server.
I also have other web servers that have their own statics, and this works fine for www/https at 172.16.0.17 and 172.16.0.2.
The public IP I am working with now is xx.xx.xx.54.
access-list 142 permit tcp any host xx.xx.xx.51 eq www
access-list 142 permit tcp any host xx.xx.xx.51 eq https
access-list 142 permit tcp any host xx.xx.xx.52 eq www
access-list 142 permit tcp any host xx.xx.xx.52 eq https
access-list 142 permit tcp any interface outside eq smtp
access-list 142 permit tcp any interface outside eq www
access-list 142 permit tcp any interface outside eq https
static (inside,outside) tcp interface smtp 172.16.0.23 smtp netmask 255.255.255.255 0 0
static (inside,outside) tcp interface www 172.16.0.21 www netmask 255.255.255.255 0 0
static (inside,outside) tcp interface https 172.16.0.21 https netmask 255.255.255.255 0 0
static (inside,outside) xx.xx.xx.51 172.16.0.2 netmask 255.255.255.255 0 0
static (inside,outside) xx.xx.xx.52 172.16.0.17 netmask 255.255.255.255 0 0
access-group 142 in interface outside
Any help on the commands I need to get this running would be appreciated!
