Solved: Re: PIX configuration with multiple NAT statements

ercanelibol · ‎10-16-2006

hi,

I have PIX running version 7.1(2). I use "nat 0" for all outbound traffic to bypass NAT. I have 5 different networks bypassing the PIX NAT. But I would like to apply NAT just for a new network without affecting other traffic. I want this new network to be translated to a specific routable IP.

is this a possible solution? I am trying to aplly NAT on only 10.1.1.0 255.255.255.0 network.

global (OUTSIDE) 1 192.168.1.2

nat (INSIDE) 1 10.1.1.0 255.255.255.0

nat (INSIDE) 0 0.0.0.0 0.0.0.0

Thanks

Ercan

a.kiprawih · ‎10-16-2006

It should work. I assumed the 192.168.1.2 is an IP belongs to the same range of outside interface/Public IP (assigned by ISP).

Your 'nat (inside) 1' and 'global (outside) 1' pair will correctly allow hosts on 10.1.1.0/24 to go out using the single IP, and skip the NAT 0.

HTH

AK

View solution in original post

a.kiprawih · ‎10-16-2006

It should work. I assumed the 192.168.1.2 is an IP belongs to the same range of outside interface/Public IP (assigned by ISP).

Your 'nat (inside) 1' and 'global (outside) 1' pair will correctly allow hosts on 10.1.1.0/24 to go out using the single IP, and skip the NAT 0.

HTH

AK

dpopli · ‎10-17-2006

Hi,

Please check for outside address 192.168.1.2

It is a private address and can not be provided by ISP

ercanelibol · ‎10-17-2006

thanks for the reply, I know it is a private address, I am just giving an config example. let me rewrite it again for you then. Do you think it is going to work?

global (OUTSIDE) 1 122.18.1.2

nat (INSIDE) 1 10.1.1.0 255.255.255.0

nat (INSIDE) 0 0.0.0.0 0.0.0.0

thanks

Ercan

ercanelibol · ‎10-18-2006

thanks. it worked.