[c-nsp] Pix nat
Andrew Yourtchenko
ayourtch at gmail.com
Fri Jul 21 11:59:06 EDT 2006
It is best match. However, for the second global pool you might want
to include a few PAT addresses as well - else you assign one address
from the pool per client, and when you run out of that, the remaining
clients will not be able to get any new translations.
thanks,
andrew
On 7/21/06, Voll, Scott <Scott.Voll at wesd.org> wrote:
> I have a site that has many (internal) subnets but another agency wants
> to only allow one (internal) subnet into their network. So what I would
> like to do on the pix is two nats.
>
>
>
> IE>
>
>
>
> Nat (inside) 1 10.x.x.x 255.255.255.0
>
> Nat (inside) 2 0.0.0.0 0.0.0.0
>
> Global (outside) 1 y.y.y.y
>
> Global (outside) 2 a.a.a.a - a.a.a.b
>
>
>
> Will this work or do I have to do a nat inside for each subnet? I was
> hoping the nat was like routing.... Best match.
>
>
>
> TIA
>
>
>
> Scott
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list