• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 249
  • Last Modified:

Multiple Public IP Addresses mapping with internal IP Addresses

I want to assign 4 Public IP Addresses to my outside interface of cisco pix firewall and map them with the 4 internal ip addresses to allow only http and https traffic from internet. how can i do this?
0
Prashant0906
Asked:
Prashant0906
  • 2
  • 2
1 Solution
 
rsivanandanCommented:
You essentially don't assign all the public ip address on the PIX outside interface. Just assign one and for all the other 3 you make static nat and allow it through access-list.

This would be an example for one;

Say inside ip address of your web server is 10.10.10.10
Public ip address you want to use is x.x.x.x

Then you'd configure it this way;

static (inside,outside) tcp x.x.x.x 80 10.10.10.10 80

access-list OutsideIn permit tcp any host x.x.x.x eq www

access-group OutsideIn in interface outside.

Cheers,
Rajesh
0
 
Prashant0906Author Commented:
Thanks for this.
lets tqake an example external ip addresses are :
62.232.1.1
52.232.1.2
63.232.1.3
63.232.1.4

and internal ip addresses are
10.0.0.1
10.0.0.2
10.0.0.3
10.0.0.4

how i will map them 1 is to 1.
Regards,
Prashant.
0
 
rsivanandanCommented:
static (inside,outside) 62.232.1.1 10.0.0.1 netmask 255.255.255.255
static (inside,outside) 62.232.1.2 10.0.0.2 netmask 255.255.255.255
static (inside,outside) 62.232.1.3 10.0.0.3 netmask 255.255.255.255
static (inside,outside) 62.232.1.4 10.0.0.4 netmask 255.255.255.255

access-list <Name> permit tcp any host 62.232.1.1 eq www
access-list <Name> permit tcp any host 62.232.1.2 eq www
access-list <Name> permit tcp any host 62.232.1.3 eq www
access-list <Name> permit tcp any host 62.232.1.4 eq www
access-list <Name> permit tcp any host 62.232.1.1 eq 443
access-list <Name> permit tcp any host 62.232.1.2 eq 443
access-list <Name> permit tcp any host 62.232.1.3 eq 443
access-list <Name> permit tcp any host 62.232.1.4 eq 443

access-list <Name> in interface outside

The above would be the configuration and I've chosen the access-list name to be <Name>. So substitute it with the access-list you already have on the pix.

Cheers,
Rajesh
0
 
Prashant0906Author Commented:
Thanks I will do this and will get back to you if works.
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now