Firewall Wizards mailing list archives
NAT a range of TCP ports to an internal IP address on pix 506E
From: "Chris Smith" <chris.smith () 1pointe com>
Date: Wed, 23 Jan 2008 10:50:55 -0800
Best regards firewall list readers!
We have a Cisco pix 506E running software version 6.3 (5)
We also have a VOIP server on the internal network at 192.168.1.6. We need to NAT a range of TCP ports to this VOIP
server. The port range is 49152 through 49214.
The connections come in from the internet and need to be natted through the pix to this internal VOIP server.
We believe we already have the access list rules in place to allow the connections. We just need a translation rule to
allow this group of ports.
The IP address of the internal interface on the pix is 192.168.1.2
The command that is not working is:
static (inside,outside) x.x.x.x 192.168.1.6
We are currently getting this error when trying to setup the rule.
WARNING: mapped-address conflict with existing static
tcp from inside:server/80 to outside:x.x.x.x/80 netmask 255.255.255.2
55
WARNING: mapped-address conflict with existing static
tcp from inside:server/25 to outside:x.x.x.x/25 netmask 255.255.255.2
55
WARNING: mapped-address conflict with existing static
tcp from inside:server/110 to outside:x.x.x.x/110 netmask 255.255.255
.255
Any insight is appreciated.
Thanks to all.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- NAT a range of TCP ports to an internal IP address on pix 506E Chris Smith (Jan 24)
- Re: NAT a range of TCP ports to an internal IP address on pix 506E kevin horvath (Jan 25)
- Re: NAT a range of TCP ports to an internal IP address onpix 506E Fetch, Brandon (Jan 30)
- Re: NAT a range of TCP ports to an internal IP address on pix 506E kevin horvath (Jan 25)