Solved

PIX Firewall 515E Config

Posted on 2004-08-29
2
681 Views
Last Modified: 2013-11-16
Greetings to all The Experts,

ok I have two PIX firewalls 515E, and I am going to reconfigure them. in each one I have outsite port, inside port, and 4 eathernet ports, and a fail over connection.

I have three IP Address Schems 192.X.X.X (Inside) 208.X.X.X (Outside) 67.X.X.X (DMZ).

how can I use the DMZ without having to assign 67.X.X.X IP Address to server in the DMZ?

thanks all
0
Comment
Question by:mjalmassud
2 Comments
 
LVL 36

Accepted Solution

by:
grblades earned 300 total points
ID: 11929593
Hi mjalmassud,
I don't understand what you are asking. If the DMZ interface has a 67.x.x.x IP address then other servers in the DMZ have to have that same IP address range. You can configure NAT though to translate addresses from the outside IP address range through to the DMZ server.
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 200 total points
ID: 11930829
grblades is correct. If we understand you correctly, you can use the 67.x.x.x addresses for static nat translations to private IP addresses of the servers in the DMZ, and 208.x.x.x addresses for the users on the inside

ip address dmz 192.168.122.1 255.255.255.0
ip address inside 192.168.102.1 255.255.255.0
ip address outside 208.x.x.x 255.255.255.248
global (outside) 1 208.x.x.x 208.x.x.x
global (outside) 1 208.x.x.x
global (outside) 2 67.x.x.x
global (dmz) 1 interface
nat (inside) 1 192.168.102.0 255.255.255.0
nat (dmz) 2 192.168.122.0 255.255.255.0
static (dmz,outside) 67.x.x.100 192.168.122.100 netmask 255.255.255.0
static (dmz,outside) 67.x.x.101 192.168.122.101 netmask 255.255.255.0

<etc>
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you experienced traffic destined through a Cisco ASA firewall disappears and you do not know if the traffic stops in the firewall or somewhere else? The solution is the capture feature. This feature was released in 6.2(1) and works in all firew…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question