Re: pix firewall nat problem

swapnamkj · ‎12-16-2004

Hi

I have 2 set of ips in router . i put one set ips in my firewall in gloabl 1 and put the nat and static rotue for that . It working fine

I Try to give otherset of ips in my pix firewall

in gloabl 2 pool and do the samething for the 2nd set of ips

its not working in my firewalll

its anything else do for that

global (outside) 2 x.x.x.x netmask 255.255.255.248

global (outside) 1 y.y.y.y

nkhawaja · ‎12-17-2004

the problem seems to be, when you try to define nat (inside) 2, right?

if so, this will not work. you have to try to use policy nat

thanks

swapnamkj · ‎12-17-2004

Hi

Thanks For Response . Can you give one example .

Pl tell me why its not working with default nat and global commands .

Thanks In advance

swapnamkj · ‎12-17-2004

Hi

i try ploicy nat in my firewall pl look this

#access-list outside_access permit tcp 192.168.0.1 255.255.255.255 10.100.102.250 255.255.255.255 eq www

#nat (inside) 2 access-list outside_access

but its failed its give the below error msg

WARNING: access-list protocol or port will not be used

ERROR: invalid nat ID, <2>, with access-list

this is my nat list

nat (inside) 0 access-list inside_outbound_nat0_acl

nat (inside) 1 192.168.0.0 255.255.255.255 0 0

nat (inside) 0 0.0.0.0 0.0.0.0 0 0

can you help me for this issue