cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
414
Views
1
Helpful
1
Replies

Simple NAT of inside interface from outside

global-gossip
Level 1
Level 1

Just when I think I've got my head around nat, global and static commands i find myself struggling to get this 'simple' config working...

I have a pretty default config:

interface Vlan1

nameif inside

security-level 100

ip address 10.20.30.50 255.255.255.0

!

global (outside) 1 interface

nat (inside) 1 0.0.0.0 0.0.0.0

static (inside,outside) 10.20.30.0 10.20.30.0 netmask 255.255.255.0

I can ping from inside host to outside host and vice versa.

All i want to change is to NAT all traffic coming from the outside network on the inside interface so if i start to ping a host on the inside network from the outside, the traffic appears to come from 10.20.30.50 (my inside interface IP).

I'd appreciate any help.

1 Accepted Solution

Accepted Solutions

Julio Carvajal
VIP Alumni
VIP Alumni

Hello Eshan,

You will need to do

global (inside) 1 interface

nat (outside) 1 0 0 outside

Do no forget the outside keyword at the end.

Also you will need to allow the traffic via an ACL on the outside interface

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

1 Reply 1

Julio Carvajal
VIP Alumni
VIP Alumni

Hello Eshan,

You will need to do

global (inside) 1 interface

nat (outside) 1 0 0 outside

Do no forget the outside keyword at the end.

Also you will need to allow the traffic via an ACL on the outside interface

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: