Friday, January 16, 2009

Configure Static NAT in PIX

Firstly, we encountered a problem: after we entered the static NAT address, we could not ping from the remote site to the DMZ using the public IP address that we assigned. After much research and discussion with our supervisor, we managed to get it working after entering the following commands:

global (outside) 1 interface
- The firewall's global outside address, used for outgoing NAT communications.

nat (DMZ) 1 0.0.0.0 0.0.0.0
- The number 1 is the local NAT ID (between 0 and 2 billion).
- The 0 0 (written 0.0.0.0 0.0.0.0 above) is the internal IP address and subnet mask to be translated; 0 stands for all.

access-list outside_in extended permit ip any host 200.10.10.77
- The access list tells the PIX that when an outside network device pings the public address, the traffic is permitted, so the PIX can pass the ping on to its destination.

static (DMZ,outside) 200.10.10.77 192.168.0.82 netmask 255.255.255.255
- Published address space: the pseudo addresses of the servers, used to punch through the firewall. Note, however, that this does not grant global access to these addresses; it merely sets up the connection between the IP addresses.
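
An added example, not part of the original post: a small Python check over a PIX configuration that, for each static translation, reports whether an ACL is bound to the mapped interface and whether it permits all IP traffic to the published host (as the "permit ip any host" entry above does) or only named protocols. The access-group line in the sample is an assumption, since the post does not show how outside_in is applied, and the parser only handles the "any host" ACL form used here.

```python
import re

# Constructed sample: the four commands from the post, plus an access-group
# line that is assumed here (the post does not show how outside_in is bound).
SAMPLE_CONFIG = """\
global (outside) 1 interface
nat (DMZ) 1 0.0.0.0 0.0.0.0
access-list outside_in extended permit ip any host 200.10.10.77
static (DMZ,outside) 200.10.10.77 192.168.0.82 netmask 255.255.255.255
access-group outside_in in interface outside
"""

STATIC_RE = re.compile(r"^static \((\w+),(\w+)\) (\S+) (\S+) netmask (\S+)")
ACL_RE = re.compile(r"^access-list (\S+) (?:extended )?permit (\S+) any host (\S+)")
GROUP_RE = re.compile(r"^access-group (\S+) in interface (\S+)")


def audit_static_nat(config):
    """Return (mapped_ip, finding) tuples, one per static translation."""
    statics, acls, bound = [], [], {}
    for line in config.splitlines():
        line = line.strip()
        if m := STATIC_RE.match(line):
            # static (real_if,mapped_if) mapped_ip real_ip netmask mask
            statics.append((m.group(2), m.group(3)))
        elif m := ACL_RE.match(line):
            acls.append(m.groups())          # (ACL name, protocol, dest host)
        elif m := GROUP_RE.match(line):
            bound[m.group(2)] = m.group(1)   # interface -> ACL name
    findings = []
    for mapped_if, mapped_ip in statics:
        acl_name = bound.get(mapped_if)
        protos = [p for name, p, host in acls
                  if name == acl_name and host == mapped_ip]
        if acl_name is None:
            findings.append((mapped_ip, "no ACL bound to " + mapped_if))
        elif not protos:
            findings.append((mapped_ip, "no permit entry in " + acl_name))
        elif "ip" in protos:
            findings.append((mapped_ip, "permit ip any: all protocols exposed"))
        else:
            findings.append((mapped_ip, "limited to " + ",".join(protos)))
    return findings


if __name__ == "__main__":
    for ip, finding in audit_static_nat(SAMPLE_CONFIG):
        print(ip, "->", finding)
```
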
