增加一台服务器具体要求。新增一台服务器地址: 10.165.127.15/255.255.255.128 。需要 nat
转换成公网地址 16.152.91.223 映射出去,并对外开通这台服务器的 80 端口。
在对外 pix525 上面增加如下: access-list acl_out permit tcp any host 16.52.91.223 eq www //
开放外网对新服务器 80 端口
static (inside,outside) 16.152.91.223 10.165.127.15 netmask 255.255.255.255 0 0 //// 外高桥新
服务器地址转换 16.152.91.223
可是为什么转换后,不能访问 16.52.91.223 的网页,但确可以 ping 通 16.52.91.223 ,但是访
问 10.165.127.15 的主页是正常的??
具体配置如下:
pix-525> enable
Password: *****
pix-525# sh run
: Saved
:
PIX Version 6.3(5)
interface ethernet0 100full
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password FVHQD7n.FuCW78fS level 7 encrypted
enable password 2KFQnbNIdI.2KYOU encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname wgqpix-525
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
access-list acl_out permit tcp any host 16.152.91.221 eq www
access-list acl_out permit icmp any any
access-list acl_out permit tcp any host 16.152.91.220 eq https
access-list acl_out permit tcp any host 16.152.91.223 eq www