Hi,
I am using a pix 501 with only one public ip address on the outside.
When you specify the global command, just use the keyword 'interface' instead of an ip address. Like this
nat (inside) 1 0.0.0.0 0.0.0.0
global (outside) 1 interface
When you want to allow inbound access to an internal server (mail server, web server, ...), use the 'static' command in combination with a tcp/udp port. Like this:
static (inside, outside) tcp interface 25 25 netmask 255.255.255.255
I have an access-list like this applied to allow inbound mail traffic:
access-list outside-in permit tcp any interface outside eq 25
access-group outside-in in interface outside.
Don't forget to specify the default gateway to the Internet:
route outside 0.0.0.0 0.0.0.0
Kind Regards,
Tom