Well it's configured preety simple.

There is a NAT statement for my private IP's

Nat(inside) 1 10.0.0.0 255.255.255.0

& global(outside) 1 interface

It works well on this.

But for the following config it's not working.

Nat(inside) 2 10.0.0.1 255.255.255.255

global(outside) 2 1.1.1.2

There's ACL for permitting from INSIDE to OUTSIDE.

permit ip 10.0.0.1 255.255.255.255 any

permit ip 10.0.0.0 0.0.0.255 any.

you should do "clear xlate local 10.0.0.1" "clear local-host 10.0.0.1"

after that.

Hi,

Not sure what are you trying to achieve, but i a better setup will be:

Nat(inside) 1 10.0.0.0 255.255.255.0

Global(outside) 1 interface

Static (inside,outside)1.1.1.2 10.0.0.1 netmask 255.255.255.255

This will ensure 10.0.0.1 will be NATed to 1.1.1.2 while all the other 10.x.x.x addresses will be NATed to the outside interface IP.

Furthermore, now the 10.0.0.1 can be accessed from the Internet if it is a servers and if your Access-list allows it.

Please rate if this helped.

Regards,

Daniel

what I want is from certain subnet and from certain hosts I should be able to use a different global ip. This is for all outbound traffic only.

I even tried with (debug icmp trace) when I config diff global for nat the request comes on pix, it shows translating but no reply from the host located on the outside interface.

But when the outside interface is used for global i get a reply from the outside host.

Can u pl help.

I had a simular issue, it ended up being the default gateway of my client system not being setup properly. Check the default gateway of the client, it should be the outside ip address.