PeopleSoft Adoption Made Smooth & Simple!
On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool. Claim Your Free WalkMe Account Now
Course Of The Month
7 days, 18 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
configure pix 506e for multiple external interfaces
Posted on 2013-02-02
Hello,
I have a time warner biz modem with 5 static ip addresses.
currently i have one outside ip defined, and static routes from this ip to various
places on the internal network - everything works fine. I have installed a DVR/camera system, and want to use an additonal ip address from my static range provided by time warner.
ip address outside xxx.xxx.xxx.50 (current setting)
I would like to add xxx.xxx.xxx.51 and set a static route, nat, etc to 192.168.1.200, using
various ports like www, 5920, etc. my global setting is : global (outside) 1 interface.
How can I do this???
Thanks,
eholz_one
I have a time warner biz modem with 5 static ip addresses.
currently i have one outside ip defined, and static routes from this ip to various
places on the internal network - everything works fine. I have installed a DVR/camera system, and want to use an additonal ip address from my static range provided by time warner.
ip address outside xxx.xxx.xxx.50 (current setting)
I would like to add xxx.xxx.xxx.51 and set a static route, nat, etc to 192.168.1.200, using
various ports like www, 5920, etc. my global setting is : global (outside) 1 interface.
How can I do this???
Thanks,
eholz_one
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
4
3
10 Comments
Active 4 days ago
Here you go....................
static (inside,outside) xxx.xxx.xxx.51 192.168.1.200 netmask 255.255.255.255
access-list inbound extended permit tcp any host xxx.xxx.xxx.51 eq 5920
access-list inbound extended permit tcp any host xxx.xxx.xxx.51 eq www
access-group inbound in interface outside
Note: This assumes you do NOT have an inbound ACL (Issue a show acess-group command to find out), if you do it will say access-group {name} in interface outside, Simply replace the word inbound above for the name of yours and DONT issue the command that starts access-group.
static (inside,outside) xxx.xxx.xxx.51 192.168.1.200 netmask 255.255.255.255
access-list inbound extended permit tcp any host xxx.xxx.xxx.51 eq 5920
access-list inbound extended permit tcp any host xxx.xxx.xxx.51 eq www
access-group inbound in interface outside
Note: This assumes you do NOT have an inbound ACL (Issue a show acess-group command to find out), if you do it will say access-group {name} in interface outside, Simply replace the word inbound above for the name of yours and DONT issue the command that starts access-group.
Active 1 day ago
If I understand correctly you are looking for 1to1 NAT.
Please look at this link:
http://serverfault.com/questions/382705/configuring-pix-506-with-nat-for-multiple-public-addresses
Please look at this link:
http://serverfault.com/questions/382705/configuring-pix-506-with-nat-for-multiple-public-addresses
Hello Again,
No luck, pix fw version is 6.3 (4), and does not accept the "extended" word in the command line!
ouch,
eholz_one
No luck, pix fw version is 6.3 (4), and does not accept the "extended" word in the command line!
ouch,
eholz_one
Active 1 day ago
Have you tried without extended (format posted in link)?
access-list outside_access_in permit tcp any host <IP address> eq port
access-list outside_access_in permit tcp any host <IP address> eq port
Yes, I have tried this. It does not work, but it may not be the pix settings.
I will have to get with timewarner to verify we really have 4 more functional external ip addresses!!
thanks for the help
I will have to get with timewarner to verify we really have 4 more functional external ip addresses!!
thanks for the help
Featured Post
Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!
Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!
Act now. This offer ends July 14, 2017.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
If you're not part of the solution, you're part of the problem.
Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet. Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Get a first impression of how PRTG looks and learn how it works. This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
- Linux
- Windows OS
- Networking
- Paessler
- Network Management
- Network Analysis, Network Operations
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses
Course of the Month7 days, 18 hours left to enroll
Earn Certification
Cisco CCNA Data Center: DCICT
$197.00$177.30
Earn Certification
Cisco CCNP Security: SIMOS
$197.00$177.30
728 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.