04-18-2012 04:52 AM - edited 03-11-2019 03:55 PM
nat (inside) 2 0.0.0.0 0.0.0.0
global (outside) 2 202.1.1.2
access-list acl extended permit ip any host 202.1.1.2
access-list policy exetended permit ip 10.10.10.1 192.168.1.1
global (inside) 5 172.16.1.1 netmask 255.255.255.255
nat (outside) 5 access-list policy
requirement is whenever the lan ip goes out it should be natted to 202.1.1.2
and whenever the source 10.10.10.1 goes to 192.168.1.1 the destination ip should be changed to 172.16.1.1
does it work ?
04-19-2012 02:23 AM
Hi all
Is this possible ?
04-19-2012 02:57 AM
Yes, you have the configuration correct. It should work. But you need to add the outside keyword in the nat statement.
access-list policy exetended permit ip host 10.10.10.1 host 192.168.1.1
global (inside) 5 172.16.1.1 netmask 255.255.255.255
nat (outside) 5 access-list policy outside
Thanks,
Varun
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide