Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
550
Views
0
Helpful
1
Replies

can pix do this?

jeff.lee
Level 1
Level 1

‎02-12-2004 10:05 PM

can pix do this?

1.NAT PROBLEM

for instance,pix's public address is 218.242.2.1,its private ip address is 192.168.0.1/24,there is a server whose ip address is 192.168.0.100,if someone in internet want to access tcp ports from 2000 to 5000 of 218.242.2.1,the pix can forward all the traffic to 192.168.0.100?if can,how to do this?

2.VPN problem

the structure is :

INTERNET--ROUTERA--PIX--LAN,both the ip address of inside and outside of the router are public address,and both the ip address of inside and outside of the pix are private address,.but I use NAT to translate the pix's outside ip address to a public address,then can pix act as a vpn server?that means if someone in internet can dialer in the pix with cisco vpn client software?if can,is there any diffirent config in pix or router?in the pix's place,if there is a routerb or vpn3000,can they act as vpn server?

thanks

Labels:
0 Helpful
1 Reply 1

mostiguy
Level 6
Level 6

‎02-13-2004 07:05 AM

1. You ideally want another legitimate internet ip address so that you could statically map it to 192.168.0.100. Otherwise, if you are using PAT, you would need a static port forwarding statements for each of those ports, which would be ugly. If you cannot get another ip to statically map to 192.168.0.100, I would recommend considering only allowing access to that app through a vpn.

2. how can you have legit ip addresses on both ints of the router, and not one on the outside of the pix? aren't the routers inside int and the pix's outside on the same subnet?

0 Helpful
Customers Also Viewed These Support Documents