Re: pix and multiple outside addresses to the same inside addres

whanson · ‎10-02-2002

Is there any version of the PIX that allows this???

mklaphek · ‎10-02-2002

I believe that you can do it if you use different ports, but the ports cannot overlap. I have never tried it this way, but I have used it for the same outside address to go to different inside addresses based on port, so I don't know why the reverse wouldn't be true.

Probably need 6.1 or above for this.

dejarman · ‎10-07-2002

The Cisco Secure PIX Firewall only allows a single one-to-one translation for a local (inside) host. If you have more than two interfaces on the Cisco Secure PIX Firewall, you can translate a local address to different addresses on each respective interface but only one translation per interface is allowed for each address. Likewise, you cannot do a static mapping of a single outside address to multiple local addresses.

bosoro · ‎10-07-2002

Actually you can have a single outside and map it to a multiple inside, it's called Port Direction as described in this link:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aad.shtml#port

To accomplish multiple outside to a single inside, you may want to try Bi-Directional NAT

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aad.shtml#outnat

If you haven't found it already here is a link to the 60 Top PIX Issues

http://www.cisco.com/warp/public/110/top_issues/pix/pix_index.shtml

-Bryan

pix and multiple outside addresses to the same inside address