static PAT

aksher · ‎01-15-2007

is this a valid static PAT

access-list permit 100 tcp any host 10.1.1.1

static(in,out) tcp 10.1.1.1 80 10.2.2.2 80

access-list permit 100 tcp any host 10.1.1.1

static(in,out) tcp 10.1.1.1 53 10.2.2.3 53

Collin Clark · ‎01-15-2007

I think you mean NAT.

access-list permit 100 tcp any host 10.1.1.1

Should be access-list permit 100 tcp any host 10.1.1.1 eq 80

static(in,out) tcp 10.1.1.1 80 10.2.2.2 80

This is OK assuming the IP's are correct.

access-list permit 100 tcp any host 10.1.1.1

Again make more restrictive!!

static(in,out) tcp 10.1.1.1 53 10.2.2.3 53

This is OK (this is for DNS zone transfers you know)

HTH and please rate.