From: Vazman@aol.com
Date: Wed Apr 21 2004 - 00:41:41 GMT-3
Hello,
I am trying to setup a Pix501E firewall for a small office. The office has a DSL line and one public IP address only.
Requirements are
1. All internal hosts should be able to access the Internet. 2. And there is a server running some apps (www, pcanywhere etc) that needs to be accessible from the outside.
I configured nat and global commands to satisfy the first requirement.
nat (inside) 1 192.168.1.0 255.255.255.0
global (outside) 1 interface
For the second requirement I configured static nat, created an ACL for the required ports and applied it to the outside interface.
static (inside, outside) x.x.x.x 192.168.1.100 netmask 255.255.255.255 0 0
Problem is only the server can go out to the Internet and can be accessed from outside, but other internal hosts cannot go out. I ran a debug on the pix and was getting some translation errors (don't have the exact message now)
What am I missing here? Is it the fact that I am using the public address for static NAT, I cannot use the same address for PAT. This is something that can be easily done on a linksys but not so straightforward on a pix.
Thanks
This archive was generated by hypermail 2.1.4 : Mon May 03 2004 - 19:48:51 GMT-3