Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
291
Views
5
Helpful
1
Replies

PAT

gio9779
Level 1
Level 1

‎10-22-2003 01:49 AM - edited ‎03-09-2019 05:14 AM

I currently have a PAT on a public ip it is currently translating all internal to external traffic.

I have been told that I can use this public ip to translate incoming traffic aswell for example I can make it translate incoming traffic on port 5000 to a machine on my internal network on another port.

I was under the impression this could not be done that I would have to setup another public ip with a NAT for that machine and then do a port redirect.

anybody who knows please help.

currently using a PiX 515

Labels:
0 Helpful
1 Reply 1

rais
Level 7
Level 7

‎10-22-2003 04:31 AM

This is possible with release 6.0 and up, using 'static' command:

static (inside,outside) tcp 1.1.1.1 5000 10.1.1.1 23 netmask 255.255.255.255 0 0

Even if 1.1.1.1 is a PATed external address, connection to this address on port 5000 from outside, will be sent to inside machine 10.1.1.1 port 23. Also, make sure that your access-list allows connections at port 5000 to 1.1.1.1 from outside.

Hope this helps.

Customers Also Viewed These Support Documents