
static nat for acs authentication

ponparthi
Community Member

Hi Everybody.

I have 4 zones configured in my PIX.

Outside, inside, remotezone, dmz.

I have my 2 RAS boxes sitting in the remote zone.

I need to make these boxes send authentication requests to the ACS sitting in the inside zone.

If I specify the RADIUS server's real IP (that is, the IP assigned to the Ethernet interface of the ACS) in the RAS, the RAS is not able to communicate with the ACS, which is in the inside zone.

But if I do a static NAT, for example say 10.1.7.0 is my remotezone network and I choose an IP 10.1.7.21 and do a static NAT to 10.1.2.1 (ACS IP), the RAS is able to communicate with the ACS. Is there any alternative to avoid static NAT in this scenario and make the RAS talk to the ACS when dial-in users land on the RAS? The security level of Remotezone is 80 and that of inside is 100.

Regards

Parthiban

1 Reply 1

scoclayton
Level 11

static (inside, Remotezone) 10.1.2.1 10.1.2.1 netmask 255.255.255.255

The above command will allow you to essentially translate the 10.1.2.1 address received on the Remotezone interface to the same address (10.1.2.1) on the inside interface. You can then point your RAS server to the 10.1.2.1 address for its RADIUS server entry.

Does this make sense?

Scott
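
The identity static from the reply above, paired with an inbound access list that limits what the lower-security Remotezone (80) can reach on the inside (100) ACS. This is an added example, not part of the original thread: the RAS addresses 10.1.7.11 and 10.1.7.12, the ACL name `remotezone_in`, and the use of the legacy RADIUS ports 1645/1646 are assumptions (use 1812/1813 if the RAS is configured for those).

```cisco
! Identity static from the reply: 10.1.2.1 stays 10.1.2.1 as seen from Remotezone
static (inside,Remotezone) 10.1.2.1 10.1.2.1 netmask 255.255.255.255

! Permit only RADIUS from the two RAS hosts to the ACS
! (RAS addresses and ACL name are constructed placeholders)
access-list remotezone_in permit udp host 10.1.7.11 host 10.1.2.1 eq 1645
access-list remotezone_in permit udp host 10.1.7.11 host 10.1.2.1 eq 1646
access-list remotezone_in permit udp host 10.1.7.12 host 10.1.2.1 eq 1645
access-list remotezone_in permit udp host 10.1.7.12 host 10.1.2.1 eq 1646

! Bind the list to traffic arriving on the Remotezone interface
access-group remotezone_in in interface Remotezone

! Verify the translation slot and the ACL hit counters after a test login
show xlate
show access-list remotezone_in
```

An access list bound with `access-group` ends in an implicit deny for everything else arriving on that interface, so if Remotezone already has an inbound list, add the RADIUS entries to it instead of binding a new one.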