Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
961
Views
0
Helpful
1
Replies

Can inside hosts talk to external NAT IP

paul.pink
Level 1
Level 1

‎08-12-2011 04:46 PM - edited ‎03-11-2019 02:11 PM

Scenario - A firewall with 3 interfaces inside(172.30.1.0/24), dmz(17216.1.0/24)., outside(200.200.1.0/24). 

A static NAT is created for DMZ server (172.16.1.10) to  public IP (200.200.1.10)

static (dmz, outside) 200.200.1.10 172.16.1.10 netmask 255.255.255.255

Can hosts on the inside netwrok communicate with the server in the DMZ if the request is sent to the NAT IP (http://200..200.1.10.. example only)

W/o a nat (inside,outside) statement this will be impossibe, but if there is a nat (inside,outside) x statement,/global(outsie) x, could this work

customer wants to know if it is possible

Thanks

Labels:
0 Helpful
1 Reply 1

varrao
Level 10
Level 10

‎08-12-2011 08:30 PM

HI Paul,

If the inside users wants to access the server on the DMZ, they would need the following nat statements:

static (dmz,inside) 200.200.1.10 172.16.1.10

nat (inside) 1 0.0.0.0 0.0.0.0

global (dmz) 1 interface

The last two nat statements would be required if you have nat-control enabled, otherwise not.

Hope this helps

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card