pix config for nat port 80 and port 8080 to same internal ip and port?

[Jim Morris <ml () e4net com>]

Hi,

I've been struggling with this for a while, and searched for an answer which has eluded me so far.

I currently have a Pix 515E  Version 6.3(5) setup to allow incoming requests on port 80 to be 
redirected to a server at port 8162 and incoming requests on port 8080 to redirect to the same 
server at port 8080. (The internal and external IPs are the same ie 1:1 NAT).


static (inside,outside) tcp xxx.xxx.xxx.34 www xxx.xxx.xxx.34 8162 netmask 255.255.255.255 0 0
static (inside,outside) tcp xxx.xxx.xxx.34 8080 xxx.xxx.xxx.34 8080 netmask 255.255.255.255 0 0

This works but means I need to have two listeners running on the server one on port 8162 and one on 
port 8080.

What I really want to do is have a request for port 80 or port 8080 redirect to the same port 8162

so this would be what I want to do, but of course this doesn't work as static nat needs the 
destinations to be different...

static (inside,outside) tcp xxx.xxx.xxx.34 www xxx.xxx.xxx.34 8162 netmask 255.255.255.255 0 0
static (inside,outside) tcp xxx.xxx.xxx.34 8080 xxx.xxx.xxx.34 8162 netmask 255.255.255.255 0 0


I have looked at policy NAT, but I don't see how to specify what port to map to.

This seems like a pretty common thing to want to do, so is it possible? if so how?

Thanks for any help.

















-- 
Jim Morris, http://blog.wolfman.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards