|
Posted by Darren Green on September 17, 2006, 2:24 am
If you were Registered and logged in, you could reply and use other advanced thread options
>>I have an urgent PIX Change to do.
>
>>The inside public address of the PIX also has a number of static
>>translations, these have the affect of natting the inside public addresses
>>to themsleves, so that it is unchanged on the outside of the Firewall.
>
>>I need to translate a new LAN host behind my inside router. As my Public
>>addresses on the outside of the PIX are all used, can I use one of the
>>Public addresses on the inside interface ?
>
>>Public Interface (Public Range - no more addresses left)
>>|
>>PIX
>>|
>>Inside Interface (Public Range Subnetted from Outside Range Above - 2/3
>>addresses left)
>>|
>>Inside Router
>>|
>>LAN Host I need to translate
>
> Yes, if you have an available address in the public range you
> use on the inside, then you have no problem. If the IP address of the
> new host is in the public range, then just follow exactly the same
> way as for the existing public range. If the IP address of the new
> host is in a different range, then just
>
> static (inside,outside) PUBLICIP INSIDEIP netmask 255.255.255.255
>
> and then in your access-list for the outside interface, refer to
> the PUBLICIP. In this situation, you -might- need to
>
> route inside INSIDEIP 255.255.255.255 INSIDEROUTERIP
>
> if you do not already have a route that moves that interior address
> range towards the router.
Thank you Walter.
Regards
Darren
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map