From: Roberts, Larry (Larry.Roberts@expanets.com)
Date: Thu Jul 17 2003 - 10:03:35 GMT-3
Yes it can be done..
static (inside,outside) tcp interface www 192.168.24.99 www netmask
255.255.255.255 0 0
I think you need to be running a 6.x version of code for this to work, Im
sure someone call tell you the exact version it was available in.
Its just simple port redirection and doesn't interfere with IPSec at all. I
have a tunnel, a webserver, an FTP server and some private services all
redirected this way from my cable modem.
Thanks
Larry
-----Original Message-----
From: Wright, Jeremy [mailto:wright@admworld.com]
Sent: Thursday, July 17, 2003 7:46 AM
To: 'security@groupstudy.com'
Cc: 'ccielab@groupstudy.com'
Subject: PIX Static Translation
Is it possible to have a static translation from an outside interface to an
internal interface on a PIX having only 1 routable IP from the ISP? The 1 IP
is also an IPSEC end point so I think if I redirect anything from the 1 IP I
have on the outside, the tunnel and all traffic will quit. If that is the
case, how can I redirect port 80 and 443 to an internal box. Thanks team.
*****************************************
Jeremy Wright
CCIE# 11168
Network Analyst
Archer Daniels Midland
wright@admworld.com
(217)451-4063
*****************************************
CONFIDENTIALITY NOTICE:
This message is intended for the use of the individual or entity to
which it is addressed and may contain information that is privileged,
confidential and exempt from disclosure under applicable law. If the reader
of this message is not the intended recipient or the employee or agent
responsible for delivering this message to the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited.
If you have received this communication in error, please notify us
immediately by email reply or by telephone and immediately delete this
message and any attachments. In the U.S. call us toll free at (800)
637-5843.
Spanish, French, Quebecois French, Portuguese, Polish, German,
Dutch, Turkish, Russian, Japanese and Chinese:
http://www.admworld.com/confidentiality.htm.
This archive was generated by hypermail 2.1.4 : Wed Aug 06 2003 - 06:52:43 GMT-3