hi, i've a problem with this scenario:
pix515e, three interface: inside, outside, dmz only one public IP: pppoe i need (but not have:-)
- 2 static ports from outside to dmz (10.0.0.10; port 25, 80)
- 1 static port from outside to inside (192.168.1.10; port 443) the 2 ports to dmz work fine; the 1 port to inside doesn't work :-( any idea? Is it possible? Thanks in advance...
Christian Ditters
; ; parts of the config: ;
object-group service webserver tcp port-object eq www port-object eq https port-object eq smtp object-group service dmz2inside1 tcp port-object eq smtp object-group service dmz2inside2 udp port-object eq domain
access-list ACLOUTSIDE permit tcp any interface outside object-group webserver access-list ACLDMZ permit tcp any host 192.168.1.10 object-group dmz2inside1 access-list ACLDMZ permit udp any host 192.168.1.10 object-group dmz2inside2
ip address outside pppoe setroute ip address inside 192.168.13.2 255.255.255.0 ip address dmz 10.0.0.1 255.255.255.0
global (outside) 10 interface global (dmz) 10 interface nat (inside) 10 0.0.0.0 0.0.0.0 0 0 nat (dmz) 10 0.0.0.0 0.0.0.0 0 0
static (inside,outside) tcp interface https 192.168.1.10 https netmask
255.255.255.255 0 0 static (dmz,outside) tcp interface smtp 10.0.0.10 smtp netmask 255.255.255.255 0 0 static (dmz,outside) tcp interface www 10.0.0.10 www netmask 255.255.255.255 0 0 static (inside,dmz) 192.168.1.0 192.168.1.0 netmask 255.255.255.0 0 0access-group ACLOUTSIDE in interface outside access-group ACLDMZ in interface dmz