[c-nsp] Transparent NAT
Robert Blayzor
rblayzor at inoc.net
Fri Sep 23 09:01:36 EDT 2005
Mikisa Richard wrote:
> I need to do a 'transparent nat' on a cisco PIX-515E version 6.3(3). My
> network is mainly natted but in this case, I need to route global IPs
> down to a client. What i need is a straight global IP mapping, ie:
> static (inside,outside) x.x.x.x x.x.x.x netmask 255.255.255.255 0 0.
> Any ideas on how to configure?
Assuming you need an outside global IP address that does not go through
any form of NAT translation you should be able to put a route in the PIX
to point to the inside IP address and put that global IP address on a
loopback interface of the server/router. Works well for stateful
connections, but UDP applications might break unless they are smart
enough to reply from the same address they received the packet on.
--
Robert Blayzor, BOFH
INOC, LLC
rblayzor\@(inoc.net|gmail.com)
PGP: http://www.inoc.net/~dev/
Key fingerprint = 1E02 DABE F989 BC03 3DF5 0E93 8D02 9D0B CB1A A7B0
Foolproof operation: All parameters are hard coded.
More information about the cisco-nsp
mailing list