Configuring the Security Appliance for a DMZ Deployment
g.
h.
Add addresses to the IP pool to be used by the outside interface. These addresses
Step 2
are used to translate private IP addresses so that inside clients can communicate
securely with clients on the Internet.
In this scenario, there are limited public IP addresses available. Use Port Address
Translation (PAT) so that many internal IP addresses can map to the same public
IP address, as follows:
a.
b.
c.
d.
PIX 515E Security Appliance Getting Started Guide
2-10
Click Add to add this range of IP addresses to the Address Pool.
The Add Global Pool dialog box configuration should be similar to the
following:
Click OK to return to the Configuration > NAT window.
In the right pane of the NAT Configuration screen, click the Global Pools
tab.
Under the Global Pools tab, click Add.
The Add Global Pool Item dialog box appears.
From the Interface drop-down list, choose Outside.
Specify a Pool ID for the Outside interface.
Chapter 2
Scenario: DMZ Configuration
78-17645-01