hello,
i have the problem with pix firewall, which i'm not able to solve.
in my local network, connected to the 'inside' pix's interface, i have two web servers (adreses: 10.10.0.2, 10.10.0.3) on the 'outside' pix's interface i have one VIP (10.1.23.130).
i would like to configure my pix in following way:
- if incomming HTTP connection from public network to 10.1.23.130:80 come from defined pool of addresses (i.e. STB1), they should be DNATed to 10.10.0.2:80
- if incomming HTTP connection from public network to 10.1.23.130:80 come from different defined pool of addresses (i.e. STB2), they should be DNATed to 10.10.0.3:80
this configuration can be called destination NAT based on source IP.
is this configuration possible on pix firewall?
can someone help me in solving my problem?
thanks, regards,
pablo