Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
407
Views
4
Helpful
1
Replies

Static command on PIX

kuldeep.kaur
Level 1
Level 1

‎09-02-2009 09:23 PM - edited ‎03-11-2019 09:11 AM

Hi Guys,

I am confused about the use of the static command on the PIX. Let says you have the following command on the pix:

static (inside,Smtp_DMZ) 10.150.243.243 10.150.250.10 netmask 255.255.255.255

What does it mean

Does it mean anything from inside 10.150.250.10 get translated to 10.150.243.243 when going to DMZ or otherway around.

Please help me to understand the static command.

Tks

Labels:
0 Helpful
1 Reply 1

Jon Marshall
Hall of Fame
Hall of Fame

‎09-02-2009 09:34 PM

Kuldeep

A static NAT is bi-directional so it actually means 2 things -

1) the device on the inside with an IP address of 10.150.250.10 will be translated to 10.50.243.243 if it sends packets to a device on the Smtp_DMZ

2) if a device on the Smtp_DMZ sends packets to 10.150.243.243 then the destination IP address will be translated to 10.150.250.10 and sent to the inside device

The static statement is a little confusing to be honest. The logical assumption would be that the IP addresses in the static statement are written in the same order as the interfaces ie.

static (inside,outside) "inside IP address" "outside IP adddress"

but in fact the IP addresses are written in reverse order ie.

static (inside,outside) "outside IP address" "inside IP address"

it's just one of those things you have to get to used to i'm afraid.

Jon

Review Cisco Networking for a $25 gift card
Top