I'm new to Cisco routers, and I have a simple question. Why can I not resolve to my internal host with the public IP address I have assigned to it?
Here is my example:
mail server (example local ip: 192.168.2.5, example external ip
60.66.55.55). I would like to access the mail server by the public IP from inside the network. The current setup is blocking that, and I don't know to define what I want to do, if there is a term for it. Any help is appreciated.
By default, the PIX is blocking this traffic. Here is a link to a post from a few days ago regarding a very similar problem, although this one was web and not email. Here:
You cannot do that with a PIX 501. The other poster's suggestion of using an alias will not work.
You could get it to work if you were accessing by host -name-, but not by host -address- -- not without adding extra hardware.
Why? Because it is a security feature. In order for it to work, the PIX would have to accept packets on its inside interface that were addressed to the public IP, and would have to translate them and send them back to the inside interface. PIX 6 is designed to never allow packets to enter the PIX by one interface and leave by the same interface. (PIX 7 permits it in some circumstances, but the PIX 501 cannot run PIX 7.)
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.