[c-nsp] Two static NAT statements for a local private IP address on PIX 6.3, possible?
Dave Lim
dave.daturax at gmail.com
Mon Oct 2 23:10:49 EDT 2006
Hi Group,
This is a scenario I have not encountered before so I need you guys help. I
have a customer who is using Cisco PIX 6.3 with 4 interfaces. They are
outside, dmz, inside, corp_net
Apparently, the DMZ interface is using Public routable IP address. For
traffic going from the DMZ to the outside interface, I did a NAT 0. But now
the user wants to NAT the DMZ public IP address to corp_net (10.84.5.15)
Can a local IP address have 2 static NAT statements? Or can PIX keep an
xlate table with 2 global entries?
this is the xlate table
PAT Global outside_pix(54133) Local 10.84.2.3(21584)
PAT Global outside_pix(40830) Local 10.84.2.3(35194)
Global 10.84.1.114 Local 10.84.1.114
Global dmz_notes_01 Local dmz_notes_01
Global 10.84.1.113 Local 10.84.1.113
and the Static NAT statements.
static (dmz,outside) dmz_notes_01 dmz_notes_01 netmask 255.255.255.248 0 0
static (dmz,corp_net) 10.84.5.15 dmz_notes_01 netmask 255.255.255.255
Thanks in advance!
More information about the cisco-nsp
mailing list