cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
231
Views
5
Helpful
1
Replies
estadlercisco
Beginner

NAT public IP to IP inside DMZ

I am trying to NAT an outside IP address to an address in the DMZ and allow only port 80 to that ip address in the dmz.

I'm not that familiar with DMZ configuration, what would the configuration for that look like?

1 REPLY 1
acomiskey
Advocate

pix ip address outside = 1.1.1.1

pix ip address dmz = 192.168.200.1

webserver = 192.168.200.10

webserver outside ip = 1.1.1.2

static (dmz,outside) 1.1.1.2 192.168.200.10 netmask 255.255.255.255

access-list outside permit tcp any host 1.1.1.2 eq 80

access-group outside in interface outside

or if you're using 1.1.1.1 to access webserver you could have this...

static (dmz,outside) interface 192.168.200.10 netmask 255.255.255.255

or port translate like this...

static (dmz,outside) tcp interface 80 192.168.200.10 80 netmask 255.255.255.255

Content for Community-Ad