Firewall Wizards mailing list archives
Re: NAT a range of TCP ports to an internal IP address on pix 506E
From: "kevin horvath" <kevin.horvath () gmail com>
Date: Thu, 24 Jan 2008 21:18:18 -0500
you already have a translation. Do a "sh nat" and see where the conflict is and then remove or modify the translations. On Jan 23, 2008 1:50 PM, Chris Smith <chris.smith () 1pointe com> wrote:
Best regards firewall list readers! We have a Cisco pix 506E running software version 6.3 (5) We also have a VOIP server on the internal network at 192.168.1.6. We need to NAT a range of TCP ports to this VOIP server. The port range is 49152 through 49214. The connections come in from the internet and need to be natted through the pix to this internal VOIP server. We believe we already have the access list rules in place to allow the connections. We just need a translation rule to allow this group of ports. The IP address of the internal interface on the pix is 192.168.1.2 The command that is not working is: static (inside,outside) x.x.x.x 192.168.1.6 We are currently getting this error when trying to setup the rule. WARNING: mapped-address conflict with existing static tcp from inside:server/80 to outside:x.x.x.x/80 netmask 255.255.255.2 55 WARNING: mapped-address conflict with existing static tcp from inside:server/25 to outside:x.x.x.x/25 netmask 255.255.255.2 55 WARNING: mapped-address conflict with existing static tcp from inside:server/110 to outside:x.x.x.x/110 netmask 255.255.255 .255 Any insight is appreciated. Thanks to all. _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- NAT a range of TCP ports to an internal IP address on pix 506E Chris Smith (Jan 24)
- Re: NAT a range of TCP ports to an internal IP address on pix 506E kevin horvath (Jan 25)
- Re: NAT a range of TCP ports to an internal IP address onpix 506E Fetch, Brandon (Jan 30)
- Re: NAT a range of TCP ports to an internal IP address on pix 506E kevin horvath (Jan 25)