2 Public IPs PIX 515
Posted on 2009-12-30
I have 2 internal servers. One is at 192.168.1.8 and one is at 192.168.1.9.
My PIX has an outside IP address of 216.xxx.xxx.xxx.
Our PIX currently has tcp traffic allowed to the .8 server on port 443 and a port redirection on the .9 server.
Basically if you type https://www.xxx.com you get to .8 and if you type https://www.xxx.com:8000, you get to the .9 server.
The .9 server is a Citrix server and very regularly, users are not able to connect to the web interface to log in. I have to reboot the Citrix server before it will work again. I would like to use one of our other outside IP addresses on the PIX to point to the .9 server so I don't have to use a port redirect.
I want 216.xxx.xxx.1 to point to .9 and 216.xxx.xxx.2 to point to .8
I changed the access list so it now reads:
access-list outside_access_in extended permit tcp any host 216.xxx.xxx.2 eq citrix-ica
access-list outside_access_in extended permit tcp any host 216.xxx.xxx.2 eq www
access-list outside_access_in extended permit tcp any host 216.xxx.xxx.2 eq https
I also changed the static command to read like this:
static (inside,outside) tcp 216.xxx.xxx.2 citrix-ica 192.168.1.9 citrix-ica netmask 255.255.255.255 dns
static (inside,outside) tcp 216.xxx.xxx.2 https 192.168.1.9 https netmask 255.255.255.255 dns
Can someone help me figure out what to do next? Or if I'm totally off base, please help.
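An added example, not part of the original post: a small Python check that cross-references the access-list and static lines quoted above against the mapping the post says it wants. It assumes only the two line shapes shown in the post; `CONFIG`, `INTENDED`, `parse` and `audit` are names made up for this illustration.

```python
import re

# Constructed input: the access-list and static lines quoted in the post.
CONFIG = """\
access-list outside_access_in extended permit tcp any host 216.xxx.xxx.2 eq citrix-ica
access-list outside_access_in extended permit tcp any host 216.xxx.xxx.2 eq www
access-list outside_access_in extended permit tcp any host 216.xxx.xxx.2 eq https
static (inside,outside) tcp 216.xxx.xxx.2 citrix-ica 192.168.1.9 citrix-ica netmask 255.255.255.255 dns
static (inside,outside) tcp 216.xxx.xxx.2 https 192.168.1.9 https netmask 255.255.255.255 dns
"""
# Intended public -> inside mapping, taken from the goal stated in the post.
INTENDED = {"216.xxx.xxx.1": "192.168.1.9", "216.xxx.xxx.2": "192.168.1.8"}

# Only the two line shapes that appear in the post are handled (assumption).
ACL_RE = re.compile(
    r"^access-list\s+\S+\s+(?:extended\s+)?permit\s+tcp\s+any\s+host\s+(\S+)\s+eq\s+(\S+)")
STATIC_RE = re.compile(
    r"^static\s+\(\w+,\w+\)\s+tcp\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)")

def parse(config):
    """Return permitted (public_ip, port) pairs and static port translations."""
    permits, statics = set(), {}
    for line in map(str.strip, config.splitlines()):
        acl, st = ACL_RE.match(line), STATIC_RE.match(line)
        if acl:
            permits.add(acl.groups())
        elif st:
            pub_ip, pub_port, in_ip, in_port = st.groups()
            statics[(pub_ip, pub_port)] = (in_ip, in_port)
    return permits, statics

def audit(config, intended):
    """Cross-check ACL permits, static translations and the intended mapping."""
    permits, statics = parse(config)
    return {
        # Ports opened in the ACL that no static translates to an inside host.
        "permit_without_static": sorted(permits - set(statics)),
        # Translations that the ACL never lets outside traffic reach.
        "static_without_permit": sorted(set(statics) - permits),
        # Translations whose inside host differs from the intended one.
        "wrong_inside_host": sorted(
            (pub, port, inside) for (pub, port), (inside, _) in statics.items()
            if intended.get(pub) != inside),
        # Intended public addresses that have no translation at all.
        "public_ip_without_static": sorted(
            set(intended) - {pub for pub, _ in statics}),
    }

if __name__ == "__main__":
    for finding, items in audit(CONFIG, INTENDED).items():
        print(finding, items)
```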