12-05-2012 02:53 AM - edited 03-11-2019 05:32 PM
Hi Team,
We have 5 servers (AD, email server, SAP & 2 application servers).
As per the customer's request I have to publish those servers on the internet because the customer wants to access them from his office (remotely).
The five servers are already connected to the switch.
Currently I have a PIX firewall. How do I configure static and NAT (one-to-one)?
Current Config Details :
--------------------------------
interface Ethernet0
nameif outside
security-level 0
ip address <Public Ip address> 255.255.255.240
!
interface Ethernet1
nameif inside
security-level 100
ip address 192.168.235.1 255.255.248.0
!
interface Ethernet2
nameif dmz-network
security-level 50
no ip address
!
object-group icmp-type ping-group
description ping-group
icmp-object alternate-address
icmp-object conversion-error
icmp-object echo
icmp-object echo-reply
icmp-object information-reply
icmp-object information-request
icmp-object mask-reply
icmp-object mask-request
icmp-object mobile-redirect
icmp-object parameter-problem
icmp-object redirect
icmp-object router-advertisement
icmp-object router-solicitation
icmp-object source-quench
icmp-object time-exceeded
icmp-object timestamp-reply
icmp-object timestamp-request
icmp-object traceroute
icmp-object unreachable
object-group service HOD_Access tcp
port-object eq ftp
port-object eq ftp-data
port-object eq www
port-object eq https
port-object eq 12333
port-object eq 992
port-object eq 2001
port-object eq 1023
port-object eq 12343
port-object eq 8989
port-object eq 12323
port-object eq 449
port-object eq 3270
port-object eq telnet
port-object eq 8999
port-object eq 12324
port-object eq 10024
port-object eq 10025
port-object eq 10027
access-list inside_access_in extended permit udp any any
access-list inside_access_in extended permit icmp any any object-group ping-group
access-list inside_access_in extended permit ip any any
access-list outside_access_in extended permit icmp any any object-group ping-group
access-list outside_access_in extended permit tcp any any object-group HOD_Access
global (outside) 101 interface
nat (inside) 101 0.0.0.0 0.0.0.0
static (inside,dmz-network) 192.168.28.11 10.142.1.11 netmask 255.255.255.255 ---- Wrong(old config)
static (inside,dmz-network) 192.168.28.105 10.142.1.15 netmask 255.255.255.255------ Wrong(old config)
static (inside,dmz-network) dr-inside-network dr-inside-network netmask 255.255.248.0
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 <public ip address same outside interface ip> 1
Server Ip address Details:
---------------------------------------
192.168.235.35
192.168.235.136
192.168.235.37
192.168.235.42
192.168.235.62
Please try to help me to configure this correctly...
12-05-2012 12:00 PM
Hello Senthilkumar,
The following command maps an inside IP address (192.168.235.35) to an outside IP address (x.x.x.x):
hostname(config)# static (inside,outside) x.x.x.x 192.168.235.35 netmask 255.255.255.255
The static command maps the address x.x.x.x to the local address 192.168.235.35.
This is a one-to-one translation and you cannot map any other private IP address to the same public IP.
If your plan is to use the same public IP for 5 internal users you can do so only if they connect inbound on different ports.
Example:
hostname(config)# static (inside,outside) tcp x.x.x.x 80 192.168.235.35 80 netmask 255.255.255.255
hostname(config)# static (inside,outside) tcp x.x.x.x 25 192.168.235.136 25 netmask 255.255.255.255
hostname(config)# static (inside,outside) tcp x.x.x.x 443 192.168.235.37 443 netmask 255.255.255.255
If you are trying to use the same port for all of them you need to assign 5 public IP addresses and create one-to-one translations as in the first example I gave you.
I hope this is clear.
Regards,
Juan Lombana
Please rate helpful posts.
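As an added worked example (not from this thread or from either poster), here is how the two cases in the answer above look as a complete pre-8.3 PIX/ASA configuration, using the "inside"/"outside" interface names and the HOD_Access object-group from the posted config. The public addresses 203.0.113.10-.12 and the customer office address 198.51.100.20 are constructed placeholders from documentation ranges, and the assignment of server roles (.35 web, .136 mail, .37 HTTPS application) is an assumption taken from the ports in the answer. The point a practitioner would want beyond the static lines themselves: a static only creates the translation, so the outside access-list decides what is actually reachable, and it should permit only the customer's source address and the published ports rather than "any".

```cisco
! Added example, pre-8.3 PIX/ASA syntax. Addresses are constructed placeholders.

! --- Case A: a dedicated public IP per server (true one-to-one static) ---
static (inside,outside) 203.0.113.11 192.168.235.35 netmask 255.255.255.255
static (inside,outside) 203.0.113.12 192.168.235.136 netmask 255.255.255.255

! --- Case B: one shared public IP, servers distinguished by destination port ---
static (inside,outside) tcp 203.0.113.10 80 192.168.235.35 80 netmask 255.255.255.255
static (inside,outside) tcp 203.0.113.10 25 192.168.235.136 25 netmask 255.255.255.255
static (inside,outside) tcp 203.0.113.10 443 192.168.235.37 443 netmask 255.255.255.255

! --- Inbound access control ---
! Pre-8.3 the outside ACL matches the MAPPED (public) address, not the inside one.
! Limit the permitted source to the customer's office (assumed 198.51.100.20).
object-group network customer-office
 network-object host 198.51.100.20

! Case A hosts: only the customer, only the ports already defined in HOD_Access.
access-list outside_access_in extended permit tcp object-group customer-office host 203.0.113.11 object-group HOD_Access
access-list outside_access_in extended permit tcp object-group customer-office host 203.0.113.12 object-group HOD_Access
! Case B hosts: one line per published port on the shared address.
access-list outside_access_in extended permit tcp object-group customer-office host 203.0.113.10 eq 80
access-list outside_access_in extended permit tcp object-group customer-office host 203.0.113.10 eq 443
! Mail has to accept delivery from other mail servers, so 25 stays open to any source.
access-list outside_access_in extended permit tcp any host 203.0.113.10 eq 25
access-group outside_access_in in interface outside

! --- Verification ---
! Static translations show up as Global/Local pairs (port statics as PAT Global ... Local ...).
show xlate
! Hit counts on each line increase when the customer connects; a line at zero means
! the traffic is being dropped before it (or never arrives).
show access-list outside_access_in
! After changing or removing a static, clear the old translations so the new ones take effect.
clear xlate
```

If the existing "access-list outside_access_in extended permit tcp any any object-group HOD_Access" line from the posted config is left in place, it will match before the narrower lines above and expose every HOD_Access port on every public address to the whole internet, so remove it when adding the restricted entries.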
12-06-2012 05:57 AM
Now I changed to an ASA firewall... sorry, the customer needs an SSL connection from his remote location.
I want to access the internet from the customer's server...
I have done all the interface config, and the default route is also done. Other than that, is there anything I have to do for internet access from the customer server?
I can reach the internet from the firewall, but from the customer server I can't reach it...
Thanks
Do I have to do any NATing for this ASA firewall? Please tell me ASAP...
12-06-2012 06:00 AM
Hello Senthilkumar,
Did you configure NAT as well? Please share a show run output from your ASA. Also, make sure it is not a DNS problem on the internal server.
Regards,
Juan Lombana
Please rate helpful posts.
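An added example (not from this thread) of the NAT the reply above is asking about, in ASA 8.3-or-later syntax, since on those releases the "global (outside)" / "nat (inside)" pair from the PIX config no longer exists and outbound translation is configured on a network object instead. Interface names follow the posted config; the inside subnet 192.168.232.0/21 is derived from the posted interface address 192.168.235.1 255.255.248.0; the ISP gateway 203.0.113.1, the public address 203.0.113.11, the customer office 198.51.100.20 and the packet-tracer destination are constructed placeholders. It also shows the inbound static in 8.3 syntax for comparison, because the access-list semantics change at the same time.

```cisco
! Added example, ASA 8.3+ syntax. Addresses other than the posted inside subnet are placeholders.

! --- Outbound internet access: dynamic PAT of the whole inside subnet to the outside address ---
object network inside-net
 subnet 192.168.232.0 255.255.248.0
 nat (inside,outside) dynamic interface

! Default route: the next hop is the ISP router on the outside subnet,
! not the ASA's own outside interface address.
route outside 0.0.0.0 0.0.0.0 203.0.113.1 1

! Traffic from security-level 100 (inside) to level 0 (outside) is permitted by default,
! so no inside ACL is required for this; the posted "permit ip any any" is harmless here.

! --- Inbound publishing of one server, 8.3+ style (for comparison with pre-8.3 statics) ---
object network web-server
 host 192.168.235.35
 nat (inside,outside) static 203.0.113.11
! In 8.3+ the outside ACL matches the REAL (inside) address, not the mapped public one.
access-list outside_access_in extended permit tcp host 198.51.100.20 object web-server eq 443
access-group outside_access_in in interface outside

! --- Verification from the ASA ---
! Simulate a web request originating from the server; each phase is reported, and a
! failure in the NAT or ROUTE-LOOKUP phase points at the missing piece.
packet-tracer input inside tcp 192.168.235.35 40000 203.0.113.50 80
! Confirm the dynamic rule exists and that translations are being created.
show nat detail
show xlate
```

If packet-tracer reports ALLOW end to end but the server still cannot browse, the remaining suspects are on the host side: its default gateway must be the ASA's inside address (192.168.235.1 in the posted config) and it needs a working DNS resolver, which is the DNS check the reply above suggests; testing with a bare IP address from the server separates the two.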