Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
663
Views
0
Helpful
2
Replies

nat (DMZ,outside) source dynamic any interface

Go to solution
mahesh18
Level 6
Level 6

‎06-30-2013 10:50 AM - edited ‎03-11-2019 07:05 PM

Hi Everyone,

Need to confirm NAT  statement below

nat (DMZ,outside) source dynamic any interface   in version 9.1.

So above line means NAT from  DMZ  to outside.

Need to know  that source here means that we are NATing IP from DMZ?

any interface means NAT IP will be of outside interface IP?

Regards

MAhesh

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎06-30-2013 10:58 AM

Hi Mahesh,

The below NAT configuration

nat (DMZ,outside) source dynamic any interface

Means the following

  • The NAT configuration is for connection between "DMZ" and "outside".  Basicly for connection FROM "DMZ" to "outside"
  • The translation is a "dynamic" translation
  • It accepts "any" source address from behind the "DMZ" interface
  • It uses the "outside" "interface" IP address as the PAT address

So its a basic Dynamic PAT translations for the hosts behind "DMZ" interface and accepts any source address/network you might have behind "DMZ"

- Jouni

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎06-30-2013 10:58 AM

Hi Mahesh,

The below NAT configuration

nat (DMZ,outside) source dynamic any interface

Means the following

  • The NAT configuration is for connection between "DMZ" and "outside".  Basicly for connection FROM "DMZ" to "outside"
  • The translation is a "dynamic" translation
  • It accepts "any" source address from behind the "DMZ" interface
  • It uses the "outside" "interface" IP address as the PAT address

So its a basic Dynamic PAT translations for the hosts behind "DMZ" interface and accepts any source address/network you might have behind "DMZ"

- Jouni

0 Helpful

Go to solution
mahesh18
Level 6
Level 6
In response to Jouni Forss

‎06-30-2013 11:41 AM

Thanks Again

Regards

MAhesh

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card