brucehunter
asked on
putting external IPs inside my network
Hello Experts
I have a PIX 515 firewall and a range of 10 External IPs 83.71.24.10 - 20. If I assign say 83.71.24.10 to my firewall , how can I get that firewall to foward requests to the other IPs on the inside of my network. Bear in mind I will be assigning external ips to email servers inside my network. In other words how will my pix know to answer requests for say 83.71.24.15
thanks again
I have a PIX 515 firewall and a range of 10 External IPs 83.71.24.10 - 20. If I assign say 83.71.24.10 to my firewall , how can I get that firewall to foward requests to the other IPs on the inside of my network. Bear in mind I will be assigning external ips to email servers inside my network. In other words how will my pix know to answer requests for say 83.71.24.15
thanks again
You can consider PAT also if you want to Map one external IP to multiple internal IPs.
http://www.cisco.com/en/US/docs/security/pix/pix63/quick/guide/63_515qk.html#wp47925
http://www.cisco.com/en/US/docs/security/pix/pix63/quick/guide/63_515qk.html#wp47925
Hi,
To explain a bit more (as i do agree with the statements here that you need to use NAT) about how to do this..
'Let's say you would like to publish a website to the outside world. Your ISS (webserver) would be listening on port 80 for incoming request. If you would like externals to actually access that website, you need to register your website to the internet with an ip adress in the external range you provided. Then, you make sure your internal webserver has a static ip address to which you can point. After that you create a static NAT rule on your PIX that points traffic from the external ip address you assigned to the internal webserver. You also tell your PIX to only listen on port 80, cause that's the port your website will be listening at (or 443 if you are using https).
To explain a bit more (as i do agree with the statements here that you need to use NAT) about how to do this..
'Let's say you would like to publish a website to the outside world. Your ISS (webserver) would be listening on port 80 for incoming request. If you would like externals to actually access that website, you need to register your website to the internet with an ip adress in the external range you provided. Then, you make sure your internal webserver has a static ip address to which you can point. After that you create a static NAT rule on your PIX that points traffic from the external ip address you assigned to the internal webserver. You also tell your PIX to only listen on port 80, cause that's the port your website will be listening at (or 443 if you are using https).
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
you need to know how to configure the NAT ( Network Address Translation )
it is not possible to explain here how to config the NAT.
Regards
it is not possible to explain here how to config the NAT.
Regards
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00800b6e1a.shtml