Announcement

Collapse
No announcement yet.

Pix 515 Nat & Pat

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Pix 515 Nat & Pat

    Hello,
    I have inherited a configured PIX. I would like to use (assign) a specific external address to outbound connection for a specific system. My problem is that I am having difficulty finding an example of a similar configuration. At present I have the following for incoming connections involving the public ip in question.


    static (inside,outside) tcp pub.lic.ip smtp 10.0.0.217 smtp netmask 255.255.255.255 0 0
    static (inside,outside) tcp pub.lic.ip 443 10.0.0.131 443 netmask 255.255.255.255 0 0
    static (inside,outside) tcp pub.lic.ip www 10.0.0.131 www netmask 255.255.255.255 0 0


    (This above split accomodates our spam filter)

    In addition to the above I need to translate outbound connections from 10.0.0.217 to pub.lic.ip (to facilitate reverse DNS lookups). At present the outbound connections show as the single external firewall address.

    I have found and been told to use:
    static (inside,outside) tcp pub.lic.ip 10.0.0.217 netmask 255.255.255.255 0 0

    However, I do not see how that command is specific to the inside connections going out because I have similar static entries (for other systems) that do external to internal NAT.

    My inbound translation works fine I just want to show my mx record address on outbound connections for my mail server. If there is another way to do this I am flexible.

    Thanks in advance.

  • #2
    Re: Pix 515 Nat & Pat

    Hi tiredadmin,

    Great question. Sorry about the delay in getting back to you?

    Are you still having this issue?

    If so, here is a good Cisco PIX NAT configuration guide-
    http://www.cisco.com/en/US/products/...8046f31a.shtml

    More can be found at-
    http://www.cisco.com/en/US/products/...ples_list.html

    Let us know how it is going.

    Thanks!
    David Davis - Petri Forums Moderator & Video Training Author
    Train Signal - The Global Leader in IT Video Training
    TrainSignalTraining.com - Free IT Training Products
    Personal Websites: HappyRouter.com & VMwareVideos.com

    Comment

    Working...
    X