01-05-2006 01:09 PM - edited 03-03-2019 11:22 AM
Here's my situation: we're a WISP and the PIX515 is our gateway to the internet for our clients. All of our clients are on the DMZ of the PIX, 172.16.0.1 /16. They receive static private IPs along that range. When someone needs a public IP I do a 1 to 1 translation on the PIX and open up what incoming ports they need. What I want to be able to do is simply put the public IP address right on their computer/firewall and not have any ports blocked. Any suggestions?
01-05-2006 03:00 PM
Hi,
You could assign a subnet from your official IP address range to this task and apply it to a DMZ interface. I would recommend a separate interface for this task. This would be configured along what you already do.
Hope this helps
Martin
01-05-2006 03:20 PM
Not sure if I understand your issue correctly.
The extra bit you are trying to do is to permit all ports for the public IP, and leave the security open as a client's own responsibility.
e.g.
static (dmz,outside)
access-list inbound permit ip any host
access-group inbound in interface outside
clear xlate local 172.16.x.x
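An added example, not part of the thread or any poster's configuration: once some clients get a one-to-one static with `permit ip any host`, it helps to keep an inventory of which translated hosts are fully open. This Python sketch reads a PIX-style config and lists them; the sample config, its 203.0.113.x addresses, and the function name `fully_exposed_hosts` are constructed for illustration.

```python
import re

# Constructed PIX 6.x-style configuration; all addresses are documentation
# placeholders, not values from the thread.
SAMPLE_CONFIG = """\
static (dmz,outside) 203.0.113.10 172.16.0.10 netmask 255.255.255.255
static (dmz,outside) 203.0.113.11 172.16.0.11 netmask 255.255.255.255
static (dmz,outside) 203.0.113.12 172.16.0.12 netmask 255.255.255.255
access-list inbound permit ip any host 203.0.113.10
access-list inbound permit tcp any host 203.0.113.11 eq 443
access-list other permit ip any host 203.0.113.12
access-group inbound in interface outside
"""

# static (real_if,mapped_if) mapped_ip real_ip ...
STATIC_RE = re.compile(r"^static \((\w+),(\w+)\) (\S+) (\S+)")
ACL_RE = re.compile(r"^access-list (\S+) permit ip any host (\S+)\s*$")
GROUP_RE = re.compile(r"^access-group (\S+) in interface (\S+)")


def fully_exposed_hosts(config, outside_if="outside"):
    """Return {public_ip: private_ip} for static translations whose public
    address is matched by 'permit ip any host' in an ACL bound inbound on
    outside_if. Simplification: earlier deny lines in the ACL are ignored."""
    statics, open_hosts, bound_acls = {}, {}, set()
    for raw in config.splitlines():
        line = raw.strip()
        if m := STATIC_RE.match(line):
            _real_if, mapped_if, public_ip, private_ip = m.groups()
            if mapped_if == outside_if:
                statics[public_ip] = private_ip
        elif m := ACL_RE.match(line):
            open_hosts.setdefault(m.group(1), set()).add(m.group(2))
        elif m := GROUP_RE.match(line):
            if m.group(2) == outside_if:
                bound_acls.add(m.group(1))
    exposed = set()
    for acl in bound_acls:  # only ACLs actually applied to the interface count
        exposed |= open_hosts.get(acl, set())
    return {pub: statics[pub] for pub in sorted(exposed) if pub in statics}


if __name__ == "__main__":
    for pub, priv in fully_exposed_hosts(SAMPLE_CONFIG).items():
        print(f"{pub} -> {priv}: all IP permitted inbound")
```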