Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
346
Views
0
Helpful
3
Replies

global statement

Go to solution
ahensel
Level 1
Level 1

‎11-21-2004 06:25 PM - edited ‎03-09-2019 09:31 AM

have a netmask question as it pertains to global statements. as an example, if i configure a global statement such as global (outside) 1 192.168.50.40 netma k 255.255.255.248, will 192.168.5.47 be included in the pool?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
scoclayton
Level 7
Level 7

‎11-21-2004 06:47 PM

Well, the statement above that you listed is a PAT translation...meaing, there is no pool. Just the single address. So, to answer your question, no, .47 will not be included.

However, let's assume you meant to say something like this:

global (outside) 1 192.168.50.40-192.168.50.47 netmask 255.255.255.248

In this case, yes, .47 will be used as part of the NAT pool so make sure this is what you want to do. In other words, you probably do no want to do this if there is a chance that the upstream router migh treat this address as a destination address when the remote host reponded.

Scott

View solution in original post

0 Helpful
3 Replies 3

Go to solution
ehirsel
Level 6
Level 6

‎11-21-2004 06:34 PM

I do not believe so. From the pix 6.3 command ref for the global command:

no] global [(if_name)] nat_id {global_ip [-global_ip] [netmask global_mask]} | interface

The network mask for global_ip. If subnetting is in effect, use the subnet mask; for example, 255.255.255.128. If you specify an address range that overlaps subnets, global will not use the broadcast or network addresses in the pool of global addresses. For example, if you use 255.255.255.224 and an address range of 209.165.201.1-209.165.201.30, the 209.165.201.31 broadcast address and the 209.165.201.0 network address will not be included in the pool of global addresses.

Thus the .47 and the .40 addresses will not be included in the pool.

0 Helpful

Go to solution
scoclayton
Level 7
Level 7

‎11-21-2004 06:47 PM

Well, the statement above that you listed is a PAT translation...meaing, there is no pool. Just the single address. So, to answer your question, no, .47 will not be included.

However, let's assume you meant to say something like this:

global (outside) 1 192.168.50.40-192.168.50.47 netmask 255.255.255.248

In this case, yes, .47 will be used as part of the NAT pool so make sure this is what you want to do. In other words, you probably do no want to do this if there is a chance that the upstream router migh treat this address as a destination address when the remote host reponded.

Scott

0 Helpful

Go to solution
ahensel
Level 1
Level 1
In response to scoclayton

‎11-21-2004 07:17 PM

got it. thanks for your input.

0 Helpful
Customers Also Viewed These Support Documents