I purchased a Cisco 506E on eBay a week ago, and I've been trying to configure it ever since. I'm not any type of PIX expert or even an amateur; I have configured WatchGuard firewalls and even a few Symantec Gateways, so I figured I could configure this Cisco 506E router. But try and try as I do, I can't get anywhere with it.
I'm desperate for help to get this up and running. Not even sure what to ask or where to start. I can tell you what my goal is though.
I have 5 external IP addresses, and I would like to forward those to specific internal addresses. Allow all outbound, and I would like to allow inbound on certain ports to go to specific internal addresses.
Let me give some detail. I cannot figure out how to set up the firewall to do the following.
My External Network (From ISP)
IP Address1: 18.104.22.168
IP Address2: 22.214.171.124
IP Address3: 126.96.36.199
IP Address4: 188.8.131.52
IP Address5: 184.108.40.206
Internal Network (My Private)
IP Range: 10.1.0.x
Web Server on 10.1.0.200
Mail Server on 10.1.0.201
App Server on 10.1.0.202
DNS1 Server on 10.1.0.203
DNS2 Server on 10.1.0.204
Inside Interface: 10.1.0.1 255.255.255.0
Outside Interface: 220.127.116.11 255.255.255.0
What I'm trying to do is...
Allow all 10.1.0.x outbound to any port
Now if 10.1.0.x goes outbound I don't care what IP it NATs as, unless it's one of the servers
10.1.0.200 should go out as 18.104.22.168
10.1.0.201 should go out as 22.214.171.124
10.1.0.202 should go out as 126.96.36.199
10.1.0.203 should go out as 188.8.131.52
10.1.0.204 should go out as 184.108.40.206
220.127.116.11 > 10.1.0.200
18.104.22.168 > 10.1.0.201
22.214.171.124 > 10.1.0.202
126.96.36.199 > 10.1.0.203
188.8.131.52 > 10.1.0.204
For the most part that's what I'm looking for.
I would like to properly apply a rule for each port coming in and not allow all traffic. So for example, RDP TCP 3389, if it comes in on 184.108.40.206 I'll send it to 10.1.0.100 say, but if it's port 80 I'll send it to another box.
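
A sketch of how the requirements above map onto PIX 6.x commands, added here as an example and not part of the original post. The 198.51.100.x addresses and the ACL name `outside_in` are constructed placeholders (not the poster's addresses), and the permitted services are assumptions based on the server roles listed.

```cisco
: --- Outbound: everything in 10.1.0.0/24 may go out, hidden behind
: --- the outside interface address unless a static below applies.
nat (inside) 1 10.1.0.0 255.255.255.0
global (outside) 1 interface

: --- One-to-one statics: each server is reachable on, and goes out as,
: --- its own public address (placeholder addresses).
static (inside,outside) 198.51.100.11 10.1.0.200 netmask 255.255.255.255
static (inside,outside) 198.51.100.12 10.1.0.201 netmask 255.255.255.255
static (inside,outside) 198.51.100.13 10.1.0.203 netmask 255.255.255.255
static (inside,outside) 198.51.100.14 10.1.0.204 netmask 255.255.255.255

: --- Per-port forwarding on one public address: RDP goes to one box,
: --- port 80 to another. Kept on its own address so it does not
: --- overlap a one-to-one static.
static (inside,outside) tcp 198.51.100.15 3389 10.1.0.100 3389 netmask 255.255.255.255
static (inside,outside) tcp 198.51.100.15 www 10.1.0.202 www netmask 255.255.255.255

: --- Inbound policy: a static alone opens nothing. Only the ports
: --- listed here are allowed in; the implicit deny drops the rest.
access-list outside_in permit tcp any host 198.51.100.11 eq www
access-list outside_in permit tcp any host 198.51.100.12 eq smtp
access-list outside_in permit udp any host 198.51.100.13 eq domain
access-list outside_in permit tcp any host 198.51.100.13 eq domain
access-list outside_in permit udp any host 198.51.100.14 eq domain
access-list outside_in permit tcp any host 198.51.100.14 eq domain
access-list outside_in permit tcp any host 198.51.100.15 eq 3389
access-list outside_in permit tcp any host 198.51.100.15 eq www

: --- Bind the ACL to traffic arriving on the outside interface.
access-group outside_in in interface outside
```

Replacing `any` in the RDP entry with the specific source addresses that need remote access keeps 3389 from being reachable by the whole internet.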