[c-nsp] PIX - port redirection & outbount PAT ?
Brandon Bennett
bennetb+cisco-nsp at gmail.com
Tue May 2 10:53:30 EDT 2006
static(high, low) [tcp|udp] low_ip low_port high_ip high_port
eg:
static(inside, outside) tcp 164.13.144.5 80 10.251.0.46 80 netmask
255.255.255.255
static(inside, outside) udp 164.13.144.5 53 10.251.0.46 1194 netmask
255.255.255.255
if you want to use the pixes outside ip address use the interface keyword:
static(inside, outside) udp interface 53 10.251.0.46 1194 netmask
255.255.255.255
Hope this helps.
~Brandon
On 5/1/06, matthew zeier <mrz at velvet.org> wrote:
> I need to map some outside ports to different inside ports and also want
> the inside host to PAT out to a single IP address.
>
> Something such that:
>
> 164.13.144.5:80/tcp -> 10.251.0.46:80/tcp
> 164.13.144.5:53/udp -> 10.251.0.46:1194/udp
>
> And for sessions initiated on 10.251.0.46, PAT out to the public
> address: 10.251.0.46 -> 164.13.144.5 .
>
> Right now the inside host is PAT's out to the global NAT which isn't
> what I want.
>
> What's the right way to do this?
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list