hello,
i have the problem with pix firewall, which i'm not able to solve.
in my local network, connected to the 'inside' pix's interface, i have
two web servers (adreses: 10.10.0.2, 10.10.0.3)
on the 'outside' pix's interface i have one VIP (10.1.23.130).
i would like to configure my pix in following way:
1. if incomming HTTP connection from public network to 10.1.23.130:80
come from defined pool of addresses (i.e. STB1), they should be DNATed
to 10.10.0.2:80
2. if incomming HTTP connection from public network to 10.1.23.130:80
come from different defined pool of addresses (i.e. STB2), they should
be DNATed to 10.10.0.3:80
this configuration can be called destination NAT based on source IP.
is this configuration possible on pix firewall?
can someone help me in solving my problem?
thanks,
regards,
pablo
