Cisco PIX 515E Security Appliance - External IP mapping
Posted on 2008-06-10
I have recently taken over all IT duties at a small company. We have a relatively (for the size of company) complicated system. The general make-up is as follows:
Cisco PIX 515E firewall
Inside Interface: A computer running SQL database, A Computer running Exchange, A computer running our webserver
DMZ: A Citrix Gateway server
We just got our first mobile device and I found out the hard way that ActiveSync will not work with anything other than the default ports 80/443. We were running OWA on port 81/444 and mapping those ports to the server running Exchange.
My research seems to indicate that a good solution is to use multiple external IP addresses, which we have. People seem to be of the opinion that mapping external IPs to internal IPs is easy, but I just can't seem to figure this out. Can it be done without moving the Exchange and/or Webserver to the DMZ interface?