[c-nsp] interesting problem with PIX, double NAT and
Aldo Valente
aldo.valente at gmx.de
Tue Mar 1 02:49:34 EST 2005
/me again
> > > nat (inside) 1 0 0
> > > global (outside) 1 our.outside.ip
> > > nat (outside) 2 0 0 outside
> > > global (inside) 2 our.inside.ip
It`s getting even better. The difference between my setup and the docs
was that their inner net was connected, mine was static.
I changed that,
sh route
inside 10.0.0.0 255.0.0.0 inner.if.ip 1 CONNECT static
outside 10.128.0.0 255.128.0.0 outer.router.ip 1 OTHER static
and after removing a more specific route to the inside, i couldn`t
reach the pix anymore. Seems that the more specific static route wins
over the connected.
sigh, time to open a case it seems to me,
Aldo
PS: 6.3.(4)
--
DSL Komplett von GMX +++ Supergünstig und stressfrei einsteigen!
AKTION "Kein Einrichtungspreis" nutzen: http://www.gmx.net/de/go/dsl
More information about the cisco-nsp
mailing list