Re: PIX Version 6.3(4) "interface" vs IP adress
- From: "Martin Bilgrav" <bilgravCUTTHISOUT@xxxxxxxx>
- Date: Mon, 23 Jan 2006 20:16:49 +0100
<mak@xxxxxxxxxx> wrote in message news:dr23mt$tu7$1@xxxxxxxxxxxxxxxxxxxxxxx
> what's the difference of binding the port/protocoll to "interface"
>
> static (inside, outside) udp interface 80 192.168.1.10 5060 netmask
255.255.255.255
> access-list traffic_in permit udp any interface outside eq 5060
This PAT, and hence you can only have ONE IP and ONE PORT.
i.e. if you want two port tcp/80 running, you can not
> static (inside,outside) udp 12.34.56.73 5060 192.168.1.10 5060 netmask
255.255.255.255 0 0
> access-list traffic_in permit udp any host 12.34.56.73 eq 5060
This is NAT, and hence you can map MANY IP to MANY inside, with SAME
portnumbers.
i.e. you can run several port TCP/80, just with differrent IPs
>
> what would you recommend how to do this.
Use NAT if you have IPs, otherwise, why do you have IPs ?
Use PAT if you have only ONE (1) assigned to you by your ISP, fx via DHCP on
outside.
>
> any help appreciated,
> mak
.
- Follow-Ups:
- Re: PIX Version 6.3(4) "interface" vs IP adress
- From: Walter Roberson
- Re: PIX Version 6.3(4) "interface" vs IP adress
- References:
- PIX Version 6.3(4) "interface" vs IP adress
- From: mak@xxxxxxxxxx
- PIX Version 6.3(4) "interface" vs IP adress
- Prev by Date: Re: Multiple VLANs on Single NIC
- Next by Date: Re: ISR CBAC prolem
- Previous by thread: Re: PIX Version 6.3(4) "interface" vs IP adress
- Next by thread: Re: PIX Version 6.3(4) "interface" vs IP adress
- Index(es):
Relevant Pages
|
