MCHDMISDEPT
asked on
Setup multiple IP addresses on PIX
Need to setup multiple "external" IP address on my PIX515. How do I set this up?
Only one IP address can be assigned to the external NIC on your PIX 515
But you can assign mulitple addresses to your NAT "pool".
Ex: ISP has given you the ff: useable IP addresses.
1.2.3.4 -- 1.2.3.20
In this case you can assign as ff:
1.2.3.4 --> External NIC
1.2.3.5 - 1.2.3.10 --> Assigned to NAT pool so that internal hosts can browse external resources
1.2.3.6 --> Assigned to PAT Backup in case your NAT pool is exhausted
1.2.3.7 - 1.2.3.15 --> Use for STATIC NAT or STATIC PAT to publish internal resources or create ACL
1.2.3.16 -1.2.3.20 --> Extra IP's just in case
I hope this answers your question. Assign points to lrmoore. I am just elaborating on his answer.
Search the CISCO website for "pix configurations", and you will find numerous examples.
But you can assign mulitple addresses to your NAT "pool".
Ex: ISP has given you the ff: useable IP addresses.
1.2.3.4 -- 1.2.3.20
In this case you can assign as ff:
1.2.3.4 --> External NIC
1.2.3.5 - 1.2.3.10 --> Assigned to NAT pool so that internal hosts can browse external resources
1.2.3.6 --> Assigned to PAT Backup in case your NAT pool is exhausted
1.2.3.7 - 1.2.3.15 --> Use for STATIC NAT or STATIC PAT to publish internal resources or create ACL
1.2.3.16 -1.2.3.20 --> Extra IP's just in case
I hope this answers your question. Assign points to lrmoore. I am just elaborating on his answer.
Search the CISCO website for "pix configurations", and you will find numerous examples.
ASKER
Yes. I am trying to NAT multiple external addresses to multiple internal addresses...please advise
ASKER
JEEGO-
Thanks for the input...I am browsing PIX configs right now...
Thanks for the input...I am browsing PIX configs right now...
You can create multiple statics:
static (inside,outside) <public IP1> <private IP1> netmask 255.255.255.255
static (inside,outside) <public IP2> <private IP2> netmask 255.255.255.255
static (inside,outside) <public IP3> <private IP3> netmask 255.255.255.255
Example:
static (inside,outside) 13.45.67.8 192.168.100.100 netmask 255.255.255.255
static (inside,outside) 13.45.67.9 192.168.100.101 netmask 255.255.255.255
static (inside,outside) 13.45.67.10 192.168.100.102 netmask 255.255.255.255
static (inside,outside) <public IP1> <private IP1> netmask 255.255.255.255
static (inside,outside) <public IP2> <private IP2> netmask 255.255.255.255
static (inside,outside) <public IP3> <private IP3> netmask 255.255.255.255
Example:
static (inside,outside) 13.45.67.8 192.168.100.100 netmask 255.255.255.255
static (inside,outside) 13.45.67.9 192.168.100.101 netmask 255.255.255.255
static (inside,outside) 13.45.67.10 192.168.100.102 netmask 255.255.255.255
ASKER
the inside, outside is perfect...now these outside addressess are going to be used for VPN...meaning, a user at home will vpn to 13.45.67.8...the PIX will nat this to a 1710 router thats WAN int is set to a private address on my network, the 1710 supports VPN connectivity. I belive I need to setup the PIX with sysopt...please advise.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You can NAT multiple external addresses to multiple internal addresses though, if that's what you need to do..