cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
516
Views
0
Helpful
3
Replies

converting 8.2 to 9.0 NAT example

DannyHuston
Level 1
Level 1

I've gotten most of my NATs figured out but how do you convert this example into the new NAT format?  CAn anyone assist?

static (INSIDE,OUTSIDE) tcp 10.10.10.1 www 20.20.20.1 www netmask 255.255.255.255

static (INSIDE,OUTSIDE) tcp 10.10.10.2 11080 20.20.20.2 9090 netmask 255.255.255.255

1 Accepted Solution

Accepted Solutions

Jouni Forss
VIP Alumni
VIP Alumni

Hi,

You can use these configurations

object network STATIC-PAT-TCP80

host 20.20.20.1

nat (INSIDE,OUTSIDE) static 10.10.10.1 service tcp 80 80

object network STATIC-PAT-TCP9090

host 20.20.20.2

nat (INSIDE,OUTSIDE) static 10.10.10.2 service tcp 9090 11080

Then you can allow the traffic in your "OUTSIDE" interface ACL like this

access-list OUTSIDE-IN permit tcp any object STATIC-PAT-TCP80 eq 80

access-list OUTSIDE-IN permit tcp any object STATIC-PAT-TCP9090 eq 9090

Naturally you use the ACL name of the ACL currently attached to your "OUTSIDE" interface.

Hope this helps

Please do remember to mark the reply as the correct answer if it answered your question.

- Jouni

View solution in original post

3 Replies 3

Jouni Forss
VIP Alumni
VIP Alumni

Hi,

You can use these configurations

object network STATIC-PAT-TCP80

host 20.20.20.1

nat (INSIDE,OUTSIDE) static 10.10.10.1 service tcp 80 80

object network STATIC-PAT-TCP9090

host 20.20.20.2

nat (INSIDE,OUTSIDE) static 10.10.10.2 service tcp 9090 11080

Then you can allow the traffic in your "OUTSIDE" interface ACL like this

access-list OUTSIDE-IN permit tcp any object STATIC-PAT-TCP80 eq 80

access-list OUTSIDE-IN permit tcp any object STATIC-PAT-TCP9090 eq 9090

Naturally you use the ACL name of the ACL currently attached to your "OUTSIDE" interface.

Hope this helps

Please do remember to mark the reply as the correct answer if it answered your question.

- Jouni

Thanks!

Hi Jouni Forss,

 

Please help me regarding this configuration to convert into 9.1.  Appreciate the response.

 

global (outside) 2 150.x.x.x

nat (inside) 2 10.1.200.0 255.255.255.0 tcp 100 100

Review Cisco Networking for a $25 gift card