I've hit a bit of a brick wall trying to configure my new firewall, and I'm looking for some direction, as what I want to do wasn't really covered in the training course.
I want to do an inbound NAT on an IP address which is contained in a subnet which is also on the PIX and turn it into an internal address - but ONLY for selected ports.
It looks something like this {Warning: Bad ASCII drawing follows}
    Internet
       |
       |
    Firewall
     |    |
     |    |
    DMZ   |
       Internal
The DMZ has an IP address range - call it 172.16.78.192/28. The Inside has 10.67.0.0/16. I want to take IP address 172.16.78.199 and translate it to 10.67.97.10 but ONLY if connections come in on ports 25, 110 or 80 directed to this address only {incoming on those ports to other addresses should be sent elsewhere}.
The addresses in the DMZ are non-RFC1918, and match the subnet mask specified.
Basically, I want an inbound connection attempt on port 25 directed to the external .199 address to be translated and connected to the internal .10 address.
Anyone wanna throw a hint my way? I'm being lazy and using the ASDM module to give me a GUI configuration, but I'll dial into the command line if necessary and put the commands in manually if someone can clue me in. PIX 515E in use, running 7.0.1 software, unrestricted license.
Thanks
DaZZa