1. Home
  2. Cisco Systems
  3. Static Translation

Static Translation

I have an urgent PIX Change to do.

I have been asked to add a static translation to a PIX. I have a public range on the outside of the PIX which has been further subnetted to give me public addresses on the inside as well.

The public addresses on the outside have all been used with various static (inside,outside) translations for LAN hosts which are reachable via a next hop router on the inside Interface of the PIX.

The inside public address of the PIX also has a number of static translations, these have the affect of natting the inside public addresses to themsleves, so that it is unchanged on the outside of the Firewall.

I need to translate a new LAN host behind my inside router. As my Public addresses on the outside of the PIX are all used, can I use one of the Public addresses on the inside interface ?

I don't believe I can but any urgent clarification would be really appreciated.

My network

Public Interface (Public Range - no more addresses left) | | PIX | | Inside Interface (Public Range Subnetted from Outside Range Above - 2/3 addresses left) | | Inside Router | | LAN Host I need to translate

Reply to
Darren Green
Loading thread data ...

Yes, if you have an available address in the public range you use on the inside, then you have no problem. If the IP address of the new host is in the public range, then just follow exactly the same way as for the existing public range. If the IP address of the new host is in a different range, then just

static (inside,outside) PUBLICIP INSIDEIP netmask 255.255.255.255

and then in your access-list for the outside interface, refer to the PUBLICIP. In this situation, you -might- need to

route inside INSIDEIP 255.255.255.255 INSIDEROUTERIP

if you do not already have a route that moves that interior address range towards the router.

Reply to
Walter Roberson

Thank you Walter.

Regards

Darren

Reply to
Darren Green

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.