Does a firewall need two static IPs for port forwarding?

See if it takes two static IPs to accomplish port forwarding in a Cisco firewall, in this expert response from network security expert Puneet Mehta.

I am using a Cisco PIX Version 6.3(5) firewall and I have only one static IP. My supporters tell me that it takes

two static IPs to do port forwarding in a firewall. Is it true that I require two static IPs? Please explain, if this is so.

Port forwarding is the act of forwarding a network port from one network node to another. This technique can allow an external user to reach a port on a private IP address (inside a LAN) from the outside via a NAT-enabled router.

Routers are configured with two interfaces: One is your WAN interface that connects to the Internet and is configured with a Public IP address (xxx.xxx.xxx.xxx) provided by your ISP. The second is an internal (LAN) network interface which is configured with your local internal (LAN) static IP address (192.xxx.xxx.xxx).

This was first published in October 2007

Dig deeper on Network Security Best Practices and Products



Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: