Hi Sean,

I might be wrong but if you want to connect to an internal host from
an external source you have to configure your PIX with static NAT and
create appropriate access-rule entries. Hiding your internal host
behind the PIX's external interface IP or any another global IP (PAT)
to that
matter would not work.

However one thing you can do is port forwarding, whereby connections
originating from an external source destined to the PIX's external
interface IP (or any other global IP) on a specific port are forwarded
to a specific internal host.

On Nov 14, 2007 12:45 AM, Shahin Ansari wrote:
> Greetings-
> I come across an issue which I can not explain and need your help please.
> I was trying to provide access to an inside host from outside. I put in a
> 1:1 static nat for the outside host, made sure there is a route for both
> hosts, and updated the outside interface access-list. But there was no
> connection. I also did not see any message in the logs. Just fyi, this was
> pix platform running 6.3(x). What seems to have fixed the issue was an
> static for the inside host. Which I did not think I need since there is a
> default nat statement on my inside interface translating everything to an
> global address. Any thoughts?
> Sean
>
>
> ________________________________
> Be a better sports nut! Let your teams follow you with Yahoo Mobile. Try it
> now.
>
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@listserv.icsalabs.com
> https://listserv.icsalabs.com/mailma...rewall-wizards
>
>

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailma...rewall-wizards