akalbfell
asked on
PIX515 Static IP
we have a whole block of IP's from our ISP, x.x.x.0-x.x.x.x.255. In our PIX515 i am trying to configure one server to have its own static IP. all users grab an IP from a pool x.x.x.10-x.x.x.99. a few other servers are already configured to have their own static IP's, x.x.x.200 - x.x.x.208 and that is working fine, however when i add the new one, it keeps using one of the IP's from the pool as if im not even configuring it the other way. Any idea why its not using the correct IP??
internal ip of machine, 10.10.10.209
WAN IP to use x.x.x.209
config of pix
global (outside) 1 x.x.x.10-x.x.x.99
global (outside) 1 x.x.x.100
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,outside) x.x.x.209 SER10 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.200 SER1 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.201 SER2 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.202 SER3 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.203 SER4 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.204 SER5 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.205 SER6 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.206 SER7 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.208 SER8 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.207 SER9 netmask 255.255.255.255 0 0
access-group acl_outside in interface outside
access-group outbound in interface inside
route outside 0.0.0.0 0.0.0.0 x.x.x.1 1
internal ip of machine, 10.10.10.209
WAN IP to use x.x.x.209
config of pix
global (outside) 1 x.x.x.10-x.x.x.99
global (outside) 1 x.x.x.100
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,outside) x.x.x.209 SER10 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.200 SER1 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.201 SER2 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.202 SER3 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.203 SER4 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.204 SER5 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.205 SER6 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.206 SER7 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.208 SER8 netmask 255.255.255.255 0 0
static (inside,outside) x.x.x.207 SER9 netmask 255.255.255.255 0 0
access-group acl_outside in interface outside
access-group outbound in interface inside
route outside 0.0.0.0 0.0.0.0 x.x.x.1 1
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It will cause any current connections to drop.
ASKER
yeh i thought so, ok i will do this tonight when everyone is gone and follow up. Im sure this is the problem.
What version PIX OS? Some versions older than 6.3(4) have a bug that new static xlates won't "take" until or unless the pix is rebooted.
ASKER