[c-nsp] PIX IP Aliasing
joshua sahala
jejs at sahala.org
Tue Oct 5 12:59:13 EDT 2004
On (05/10/04 12:17), Paul Stewart wrote:
>
> We have a 515E PIX... I'm trying to add a secondary interface to the
> Outside. This is so I can setup port translations to map to an internal
> box (two ports).
>
> I've done this using the interface IP before and it worked but I'd like
> this to be done a secondary IP on the same interface.. can this be done?
paul,
perhaps i am misunderstanding, but i do no think that you need a
secondary address, just a static nat (using the other address)
name 1.1.1.1 my-inside
name 2.2.2.2 my-outside
static (inside,outside) my-outside my-inside netmask 255.255.255.255 0 0
access-list from-out permit tcp my-outside eq $port
access-group from-out in interface outside
http://www.cisco.com/en/US/products/sw/secursw/ps2120/prod_configuration_guides_list.html
(watch for the line wrap, and be sure to have a fully crisco-compliant
webbrowser handy for the crappy javascript that their docs are being
converted to)
<rant>
if anyone from crisco is listening (which i know you aren't becase we
have been complaining about your website for months (years?),
including several how bad does our new website suck surveys), please
get rid of the bloated, slow java script popups/dropdowns/etc that
your docs are turning in to, because frankly, they suck
</rant>
hth
/joshua
--
A common mistake that people make when trying to design something
completely foolproof is to underestimate the ingenuity of complete
fools.
- Douglas Adams -
More information about the cisco-nsp
mailing list