email server & PIX question

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View

I know how to do static map if i want to allow people to access my exchange
server which is located inside a PIX 515, but the problem is I dont have any
spare public IP . Is there any way to do that using the outside Interface
Thanks in advance for any help

Re: email server & PIX question

Quoted text here. Click to load it

I've only just started looking at the PIX stuff in the last few days but
can't you just use the static command and specify the ports in question,
assuming you only have one Exchange server (or sever that uses the same
ports) on the network behind the firewall, I don't see why that won't
work from the information you have given.
-> The email address used in this message *IS* valid <-

Re: email server & PIX question

Port forwarding not working?

Map any incoming requests for that port on your outside interface to
your exchange server's private ip/port. If you use a rarely used port
for listening on your WAN interface it can aid in preventing
unauthorized access to your server.


Rob wrote:

Quoted text here. Click to load it

Re: email server & PIX question

That means I can map the outside IP to a private one and at the same time
use it as outiside IP? So both server and outside interface would have the
same IP address, doesnt it make any problem?

Quoted text here. Click to load it

Re: email server & PIX question

Hi Rob,

Yes, you can do that with no problem.  The trick is, you only static map the
"port".  When you do the static map, do the following:

   static (inside,outside) tcp interface port_number inside_ip port_number

I assume you do this already:

   global (outside) nat_inside_number interface


Quoted text here. Click to load it

Site Timeline