Brent92663
asked on
Cisco Pix Port Forwarding
Hello I am trying to do the following.
Asume one static external IP on a pix. and 3 internal ips
I am hoping for a configuration that will forward requests on that single ip to internal machines by port(done this on so many soho firewalls, im sure cisco must be able to do it!)
SO..
Someone comes in on port 25 they need to be directed to say 10.0.0.1
comes in on port 80 directed to 10.0.0.2
port 110 10.0.0.3
all the same single external IP forwarding to different IPs internally based upon port.
Thanks :)
Asume one static external IP on a pix. and 3 internal ips
I am hoping for a configuration that will forward requests on that single ip to internal machines by port(done this on so many soho firewalls, im sure cisco must be able to do it!)
SO..
Someone comes in on port 25 they need to be directed to say 10.0.0.1
comes in on port 80 directed to 10.0.0.2
port 110 10.0.0.3
all the same single external IP forwarding to different IPs internally based upon port.
Thanks :)
What version of the PIX IOS are you using?
ASKER
the latest..
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
So it has to be on a DMZ? one of these servers is a domain controller..
Is it okay if its defined as being on the dmz? will it affect LAN services?
Is it okay if its defined as being on the dmz? will it affect LAN services?
no, each interface can be given an alias name which makes the commands more readable. A 2 interface firewall will typically have the names set to "inside" and "outside". Many of the examples in my book also use a third interface called "dmz".
So I would try:
static (inside,outside) tcp interface 23 172.16.1.2 23 ....
So I would try:
static (inside,outside) tcp interface 23 172.16.1.2 23 ....
ASKER
Thanks guys! I will give it a whirl!
ASKER
Also, which book is your book? If its considered spam to post it,, feel free to email me at brent.richardsREMOVETHIS@R
Not sure if its considered span so I'll try this...
Cisco Security Specialists Guide to PIX Firewalls. It's worked out well for me, we just bought our first 2 501's a couple of months ago and it helped me do everything from the initial setup to vpn'ing between the two.
http://www.amazon.com/exec/obidos/tg/detail/-/1931836639/qid=1080322759/sr=1-1/ref=sr_1_1/103-6519157-6866262?v=glance&s=books
cheers
Cisco Security Specialists Guide to PIX Firewalls. It's worked out well for me, we just bought our first 2 501's a couple of months ago and it helped me do everything from the initial setup to vpn'ing between the two.
http://www.amazon.com/exec/obidos/tg/detail/-/1931836639/qid=1080322759/sr=1-1/ref=sr_1_1/103-6519157-6866262?v=glance&s=books
cheers