Hi,
I have a PIX 515E. I am looking to setup four DMZs. For DMZ1 I would like to use global IP addresses (we have a full class C) - no NAT and/or PAT, and all the machines located here should be available to the outside world using these IPs. All the hosts on the inside should be able to access the DMZ1 servers unrestricted. All other traffic is going out through NAT using another global IP from the same range.
These are the lines I am looking to add for DMZ1, and the permissions here are just for a web server using port 80.
name 172.168.10.6 SERVER1
nameif ethernet2 DMZ1 security90
ip address DMZ1 172.168.10.5 255.255.255.0
nat (dmz1) 0
access-list dmz1 permit tcp any any eq www
access-group dmz1 in interface DMZ2
Do I still have to use maps for the servers in DMZ1 to outside? Please let me know if I am missing anything.
Regards,
Zahundas
I have a PIX 515E. I am looking to setup four DMZs. For DMZ1 I would like to use global IP addresses (we have a full class C) - no NAT and/or PAT, and all the machines located here should be available to the outside world using these IPs. All the hosts on the inside should be able to access the DMZ1 servers unrestricted. All other traffic is going out through NAT using another global IP from the same range.
These are the lines I am looking to add for DMZ1, and the permissions here are just for a web server using port 80.
name 172.168.10.6 SERVER1
nameif ethernet2 DMZ1 security90
ip address DMZ1 172.168.10.5 255.255.255.0
nat (dmz1) 0
access-list dmz1 permit tcp any any eq www
access-group dmz1 in interface DMZ2
Do I still have to use maps for the servers in DMZ1 to outside? Please let me know if I am missing anything.
Regards,
Zahundas