[c-nsp] Multiple NAT Port-Forwarding to same port on PIX
Asbjorn Hojmark - Lists
lists at hojmark.org
Sun Feb 24 16:35:26 EST 2008
> 123.45.67.78 50010 -> 192.168.1.100 50000
> 123.45.67.78 50020 -> 192.168.1.100 50000
> 123.45.67.78 50030 -> 192.168.1.100 50000
>
> While from a logical standpoint & protocol view, this doesn't
> pose too much of a problem, PIX (7.0 OS) doesn't permit this
> type of NAT
>From a logical standpoint, traffic exiting the box must match
a static, and if traffic exits with source 192.168.1.100 and
port 50000, which one of the statics above does it match?
Concievably, you could do this for outside-originated traffic
(but not for server-initiated), but I guess they cut that part
short by saying it's not supported at all.
-A
More information about the cisco-nsp
mailing list