Please find the PIX configuration.

IP addresses are fake public IPs.

Thanks.

----------------------------------------------------------------------------------------------------------

PIX Version 6.1(3)100

nameif ethernet0 outside security0

nameif ethernet1 inside security100

nameif ethernet2 dmz security50

enable password

passwd

hostname pixfirewall

fixup protocol ftp 21

fixup protocol http 80

fixup protocol h323 1720

fixup protocol rsh 514

fixup protocol rtsp 554

fixup protocol smtp 25

fixup protocol sqlnet 1521

fixup protocol sip 5060

fixup protocol skinny 2000

fixup protocol domain 53

fixup protocol http 8080

names

access-list acl_out permit tcp any host 200.100.100.167 eq smtp

access-list acl_out permit tcp any host 200.100.100.167 eq www

access-list acl_out permit tcp any host 200.100.100.167 eq pop3

access-list mail permit icmp any any

access-list mail permit udp host 192.168.1.2 any eq domain

access-list mail permit tcp host 192.168.1.2 any eq domain

access-list mail permit tcp host 192.168.1.2 any eq smtp

access-list mail permit tcp host 192.168.1.2 any eq pop3

access-list mail permit tcp host 192.168.1.2 any eq www

access-list mail permit udp host 192.168.1.6 any eq domain

access-list mail permit tcp host 192.168.1.6 any eq domain

access-list mail permit tcp host 192.168.1.6 any eq smtp

pager lines 24

logging on

interface ethernet0 auto

interface ethernet1 auto

interface ethernet2 100full

mtu outside 1500

mtu inside 1500

mtu dmz 1500

ip address outside 200.100.100.162 255.255.255.240

ip address inside 200.100.100.177 255.255.255.240

ip address dmz 192.168.1.1 255.255.255.0

ip audit info action alarm

ip audit attack action alarm

no failover

failover timeout 0:00:00

failover poll 15

failover ip address outside 0.0.0.0

failover ip address inside 0.0.0.0

failover ip address dmz 0.0.0.0

pdm history enable

arp timeout 14400

global (outside) 1 200.100.100.168

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

static (dmz,outside) tcp 200.100.100.167 pop3 192.168.1.2 pop3 netmask 255.255.255.255 0 0

static (dmz,outside) tcp 200.100.100.167 www 192.168.1.2 www netmask 255.255.255.255 0 0

static (dmz,outside) tcp 200.100.100.167 smtp 192.168.1.6 smtp netmask 255.255.255.255 0 0

access-group acl_out in interface outside

access-group mail in interface dmz

conduit permit icmp any any

route outside 0.0.0.0 0.0.0.0 200.100.100.161 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 si

p 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

aaa-server TACACS+ protocol tacacs+

aaa-server RADIUS protocol radius

no snmp-server location

no snmp-server contact

snmp-server community public

no snmp-server enable traps

floodguard enable

no sysopt route dnat

telnet 200.100.100.178 255.255.255.255 inside

telnet timeout 60

ssh timeout 5

terminal width 80

Cryptochecksum:245b1f6d1401a5d4c397efdb6bdb751a

: end

[OK]

pixfirewall(config)#

Hi Tom

Thank you very much for your help to get the nat configuration done for PAT

It is working fine.

Regards