NAT for DMZ on PIX?
Posted on 2003-03-27
I have a cat 6509 swtich with 4 vlans
Cat has pix 6.2 as default gaetway i.e.
I also have a default gateway webservices.essex.edu at
which resides in the dmz and has defalut gateway as pix 6.2 i.e.
Anyone accessing webserices.essex.edu from outside is able to see it's actual IP address.
I want to implement NAT and need to decide which of the following options to go with:
1.webservices's present IP translates to a real IP which wont be associated with any machine.
2. can I change the webserver's current ip to a dummy ip which translates to a real IP which wont be associated with any machine. will this still allow my vlans to access the webserver?
Are both possible, if yes, which one is better and why?