• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 312
  • Last Modified:

pix 501e config question

hi,

i'm needing some help here... I have a pix 501e, and i need to run two seperate ssl servers...i have 12 public ip addresses.

how do i configure pix to let me do this.  Can somone explain this to me so i can use the pdm instead of the cmd line?

thanks
0
rafordhargrove
Asked:
rafordhargrove
  • 2
  • 2
1 Solution
 
Cyclops3590Commented:
i know you want the pdm version, but sorry I only know the cli version (I just hate gui's)
Anyway, at least for cli, this should do it

ssl server 1  IPs
public w.w.w.w
private x.x.x.y

ssl server 2 IPs
public a.a.a.a
private x.x.x.z

access-list outside-in permit tcp any host w.w.w.w eq 443
access-list outside-in permit tcp any host a.a.a.a eq 443
access-group outside-in in interface outside

static (inside,outside) w.w.w.w x.x.x.y netmask 255.255.255.255
static (inside, outside) a.a.a.a x.x.x.z netmask 255.255.255.255

just make sure that w.w.w.w or a.a.a.a are not the IP assigned to the outside interface


0
 
Keith AlabasterEnterprise ArchitectCommented:
Cyclops has it.
One or two other item I might add for you though.

1. You may need to add
no sysopt noproxyarp outside

2. Afterwards do a cl xlate as you are amending the interface details.

Once done, you can go back into the PDM and identify the changes. From here on, you can use the PDM as required.

0
 
Cyclops3590Commented:
don't forget to do keith's number 2
whenever you play with nat, global, or static entries you should always clear the xlates or you could see some problems.
0
 
Keith AlabasterEnterprise ArchitectCommented:
Your welcome,

Regards
Keith
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Identify and Prevent Potential Cyber-threats

Become the white hat who helps safeguard our interconnected world. Transform your career future by earning your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now