Assigning the IP Address for Virtual Services for Outbound Traffic
Example 18-4 shows the virtual Telnet configuration that authenticates host 10.10.10.100
when you make an outbound connection to a NetMeeting server located on the Internet.
Now let us change the positions of the client and server. This time, the NetMeeting server is
behind the Security Appliance, and the client is on the Internet. Figure 18-5 depicts the
configuration with the NetMeeting server on the internal network and the client on the
Internet.
Example 18-4 Configuring Virtual Telnet Outbound Connections
PIXFirewall(config)# ip address outside 192.168.1.1 255.255.255.0
PIXFirewall(config)# ip address inside 10.10.10.1 255.255.255.0
PIXFirewall(config)# global (outside) 1 192.168.1.20-192.168.1.40 netmask
255.255.255.0
PIXFirewall(config)# nat (inside) 1 0 0 0 0
PIXFirewall(config)# aaa-server TACACS+ protocol tacacs+
PIXFirewall(config)# aaa-server TACACS+ (DMZ) host 172.16.1.2 abc123 timeout 20
PIXFirewall(config)# aaa authentication include any inside 0 0 0 0 TACACS+
PIXFirewall(config)# virtual telnet 192.168.1.4