Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

PIX Firewall 515E Config

Posted on 2004-08-29
2
Medium Priority
?
710 Views
Last Modified: 2013-11-16
Greetings to all The Experts,

ok I have two PIX firewalls 515E, and I am going to reconfigure them. in each one I have outsite port, inside port, and 4 eathernet ports, and a fail over connection.

I have three IP Address Schems 192.X.X.X (Inside) 208.X.X.X (Outside) 67.X.X.X (DMZ).

how can I use the DMZ without having to assign 67.X.X.X IP Address to server in the DMZ?

thanks all
0
Comment
Question by:mjalmassud
2 Comments
 
LVL 36

Accepted Solution

by:
grblades earned 900 total points
ID: 11929593
Hi mjalmassud,
I don't understand what you are asking. If the DMZ interface has a 67.x.x.x IP address then other servers in the DMZ have to have that same IP address range. You can configure NAT though to translate addresses from the outside IP address range through to the DMZ server.
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 600 total points
ID: 11930829
grblades is correct. If we understand you correctly, you can use the 67.x.x.x addresses for static nat translations to private IP addresses of the servers in the DMZ, and 208.x.x.x addresses for the users on the inside

ip address dmz 192.168.122.1 255.255.255.0
ip address inside 192.168.102.1 255.255.255.0
ip address outside 208.x.x.x 255.255.255.248
global (outside) 1 208.x.x.x 208.x.x.x
global (outside) 1 208.x.x.x
global (outside) 2 67.x.x.x
global (dmz) 1 interface
nat (inside) 1 192.168.102.0 255.255.255.0
nat (dmz) 2 192.168.122.0 255.255.255.0
static (dmz,outside) 67.x.x.100 192.168.122.100 netmask 255.255.255.0
static (dmz,outside) 67.x.x.101 192.168.122.101 netmask 255.255.255.0

<etc>
0

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question