cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
423
Views
0
Helpful
4
Replies

How can I limit port range for dynamic PAT?

fly
Level 2
Level 2

Dear Sir/Madam,

      I want to limit dynamic PAT port range like below

      global (outside) 4 10.16.1.16  netmask 255.255.255.255
     nat (inside) 4 access-list test

 

   I want to use 10.16.1.16 port from 10000 to 60000. or i just don't want to use port 30001.

    But i haven't find method?

    thank you!

Tom

4 Replies 4

You could do something like the following:

object network NAT-IP
  host 10.16.1.16

object network LAN
  subnet 11.11.11.0 255.255.255.0

object network REMOTE-NET
  subnet 12.12.12.0 255.255.255.0

object service PORT-RANGE
  service tcp destination range 10000 60000

nat (inside,outside) source dynamic LAN NAT-IP destination static REMOTE-NET REMOTE-NET service PORT-RANGE PORT-RANGE

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts