Hi, I know how to do static map if i want to allow people to access my exchange server which is located inside a PIX 515, but the problem is I dont have any spare public IP . Is there any way to do that using the outside Interface IP? Thanks in advance for any help
I've only just started looking at the PIX stuff in the last few days but can't you just use the static command and specify the ports in question, assuming you only have one Exchange server (or sever that uses the same ports) on the network behind the firewall, I don't see why that won't work from the information you have given.
Port forwarding not working?
Map any incoming requests for that port on your outside interface to your exchange server's private ip/port. If you use a rarely used port for listening on your WAN interface it can aid in preventing unauthorized access to your server.
-Dan
Rob wrote:
That means I can map the outside IP to a private one and at the same time use it as outiside IP? So both server and outside interface would have the same IP address, doesnt it make any problem? Thanks-Rob
Hi Rob,
Yes, you can do that with no problem. The trick is, you only static map the "port". When you do the static map, do the following:
static (inside,outside) tcp interface port_number inside_ip port_number netmask 255.255.255.255
I assume you do this already:
global (outside) nat_inside_number interface
Tom
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.