Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
749
Views
0
Helpful
9
Replies

PIX 515 NAT config from outside to inside

Go to solution
mahesh18
Level 6
Level 6

‎03-22-2016 08:58 AM - edited ‎03-12-2019 12:32 AM

Hi Everyone,

I need to config ACL for traffic flow from outside to inside in PIX515.

Need help on NAT config for this?

Regards

MAhesh

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Aditya Ganjoo
Cisco Employee
Cisco Employee

‎03-22-2016 09:12 AM

Hi Mahesh,

You need to more specific with the requirements.

Here is an example:

static (inside,outside) MAPPED IP REAL IP netmask 255.255.255.255

Regards,

Aditya

Please rate helpful posts.

View solution in original post

0 Helpful

Go to solution
Aditya Ganjoo
Cisco Employee
Cisco Employee
In response to mahesh18

‎03-22-2016 11:07 AM

Yes this is called a STATIC Identity NAT.

So you would access the internal IP from outside as the original IP.

Yes this would would work.

Regards,

Aditya

Please rate helpful posts and mark correct answers.

View solution in original post

0 Helpful
9 Replies 9

Go to solution
Dinesh Moudgil
Cisco Employee
Cisco Employee

‎03-22-2016 09:10 AM

Here is a doc for your reference:-

http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/12496-28.html#topic12

Regards,
Dinesh Moudgil

P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/
0 Helpful

Go to solution
Aditya Ganjoo
Cisco Employee
Cisco Employee

‎03-22-2016 09:12 AM

Hi Mahesh,

You need to more specific with the requirements.

Here is an example:

static (inside,outside) MAPPED IP REAL IP netmask 255.255.255.255

Regards,

Aditya

Please rate helpful posts.

0 Helpful

Go to solution
mahesh18
Level 6
Level 6
In response to Aditya Ganjoo

‎03-22-2016 09:16 AM

Say if source from outside is 10.40.x.x and inside is 174.24.x.x

what config should i put then?

Regards

MAhesh

0 Helpful

Go to solution
Aditya Ganjoo
Cisco Employee
Cisco Employee
In response to mahesh18

‎03-22-2016 09:22 AM

Hi Mahesh,

Here is the command you would use:

static (inside,outside) <mapped IP> <174.24.x.x>

Source from outside can be anything but you need to specify the IP the user would access from outside.

Also on the outside ACL you need to allow source as any and destination would be the MAPPED IP.

Regards,

Aditya

Please rate helpful posts.

0 Helpful

Go to solution
mahesh18
Level 6
Level 6
In response to Aditya Ganjoo

‎03-22-2016 09:37 AM

what IP should i put under mapped ip?

0 Helpful

Go to solution
Aditya Ganjoo
Cisco Employee
Cisco Employee
In response to mahesh18

‎03-22-2016 09:41 AM

Hi Mahesh,

The IP you would use to access the inside server from outside.

So lets say I have a server on the inside 10.1.1.1 and I want it to access it from outside using a public IP 1.1.1.1.

So my nat would be:

static (inside,outside) 1.1.1.1 10.1.1.1 

Remember I can come from any IP from outside.

Regards,

Aditya

0 Helpful

Go to solution
mahesh18
Level 6
Level 6
In response to Aditya Ganjoo

‎03-22-2016 10:19 AM

if i use this command

static (inside,outside) 174.24.x.x  <174.24.x.x> netmask 255.255.255.255 

this will do no nat right?

0 Helpful

Go to solution
Aditya Ganjoo
Cisco Employee
Cisco Employee
In response to mahesh18

‎03-22-2016 11:07 AM

Yes this is called a STATIC Identity NAT.

So you would access the internal IP from outside as the original IP.

Yes this would would work.

Regards,

Aditya

Please rate helpful posts and mark correct answers.

0 Helpful

Go to solution
mahesh18
Level 6
Level 6
In response to Aditya Ganjoo

‎03-22-2016 12:21 PM

Many thanks !

Regards

Mahesh

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card