Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
802
Views
4
Helpful
2
Replies

PIX 7.0 Static NATting 2 External Addresses To 1 Internal Address

David Dobbs
Level 1
Level 1

‎01-15-2007 10:11 AM - edited ‎03-11-2019 02:19 AM

I am trying to map two external global IP's to a single internal IP using a Static NAT and get "duplicate of existing static" error message. I am migrating two servers each pointed to with a different global IP address to a single server while preserving my global IP addresses. I want both global IP addresses to point to the same internal server (I don't want to have to make my customers change their IP addresses to my server).

Here is what I have on my PIX v7.0(2) (real IP's changed to protect the innocent):

External Interface:

External IP address 156.68.69.151

External IP address 156.68.69.152

Internal Interface:

Internal IP address 10.1.1.1

Internal IP address 10.1.1.2 (retiring server)

Currently, 156.68.69.151 is mapped to 10.1.1.1 and 156.68.69.152 is mapped to 10.1.1.2 with the following Static statements:

static (inside,outside) 156.68.69.151 10.1.1.1 netmask 255.255.255.255

static (inside,outside) 156.68.69.152 10.1.1.2 netmask 255.255.255.255

I tried the following and got the "duplicate of existing static" error message:

static (inside,outside) 156.68.69.151 10.1.1.1 netmask 255.255.255.255

static (inside,outside) 156.68.69.152 10.1.1.1 netmask 255.255.255.255

So how can I do this?

Thanks in advance!

David

Labels:
0 Helpful
2 Replies 2

Collin Clark
VIP Alumni
VIP Alumni

‎01-15-2007 10:15 AM

You can't, but you do have one option. Give the server a secondary IP and point the static to it.

HTH and please rate.

David Dobbs
Level 1
Level 1
In response to Collin Clark

‎01-15-2007 10:34 AM

Thanks for the speedy reply. That's what I was afraid of. Could this work assuming 160.1.5.6 is the IP address of my customer accessing my 10.1.1.1 server via 156.68.69.152? I tried this and the PIX at least accepts this configuration (don't know if it actually works).

access-list server permit ip host 10.1.1.1 host 160.1.5.6

static (inside,outside) 156.68.69.151 10.1.1.1 netmask 255.255.255.255

static (inside,outside) 156.68.69.152 access-list server

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card