In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!
configure pix 506e for multiple external interfaces
Hello,
I have a time warner biz modem with 5 static ip addresses.
currently i have one outside ip defined, and static routes from this ip to various
places on the internal network - everything works fine. I have installed a DVR/camera system, and want to use an additonal ip address from my static range provided by time warner.
ip address outside xxx.xxx.xxx.50 (current setting)
I would like to add xxx.xxx.xxx.51 and set a static route, nat, etc to 192.168.1.200, using
various ports like www, 5920, etc. my global setting is : global (outside) 1 interface.
How can I do this???
Thanks,
eholz_one
I have a time warner biz modem with 5 static ip addresses.
currently i have one outside ip defined, and static routes from this ip to various
places on the internal network - everything works fine. I have installed a DVR/camera system, and want to use an additonal ip address from my static range provided by time warner.
ip address outside xxx.xxx.xxx.50 (current setting)
I would like to add xxx.xxx.xxx.51 and set a static route, nat, etc to 192.168.1.200, using
various ports like www, 5920, etc. my global setting is : global (outside) 1 interface.
How can I do this???
Thanks,
eholz_one
Who is Participating?
If I understand correctly you are looking for 1to1 NAT.
Please look at this link:
http://serverfault.com/questions/382705/configuring-pix-506-with-nat-for-multiple-public-addresses
Please look at this link:
http://serverfault.com/questions/382705/configuring-pix-506-with-nat-for-multiple-public-addresses
Hello Again,
No luck, pix fw version is 6.3 (4), and does not accept the "extended" word in the command line!
ouch,
eholz_one
No luck, pix fw version is 6.3 (4), and does not accept the "extended" word in the command line!
ouch,
eholz_one
Have you tried without extended (format posted in link)?
access-list outside_access_in permit tcp any host <IP address> eq port
access-list outside_access_in permit tcp any host <IP address> eq port
Yes, I have tried this. It does not work, but it may not be the pix settings.
I will have to get with timewarner to verify we really have 4 more functional external ip addresses!!
thanks for the help
I will have to get with timewarner to verify we really have 4 more functional external ip addresses!!
thanks for the help
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
-
Course of the Month5 days, 4 hours left to enrollMonitoring and Operating a Private Cloud with System Center 2012 R2 273 lessons
static (inside,outside) xxx.xxx.xxx.51 192.168.1.200 netmask 255.255.255.255
access-list inbound extended permit tcp any host xxx.xxx.xxx.51 eq 5920
access-list inbound extended permit tcp any host xxx.xxx.xxx.51 eq www
access-group inbound in interface outside
Note: This assumes you do NOT have an inbound ACL (Issue a show acess-group command to find out), if you do it will say access-group {name} in interface outside, Simply replace the word inbound above for the name of yours and DONT issue the command that starts access-group.