12-01-2004 01:31 PM - edited 03-09-2019 09:37 AM
Will NAT 0 allow a specific inside address make an outbound connection with no other configuration or do you have to combine its use with a nat (inside) 1 / global (outside) 1 pair?
NAT 0 10.2.2.10 for example.
Thanks.
Jon
12-01-2004 02:27 PM
With "nat 0" the inside host will be able to make an outside connection with no other configuration. Keep in mind that the host address will be untranslated though, so be careful with using it on private IP addresses.
12-01-2004 04:06 PM
Can you specify nat 0 with a subnet as opposed to an individual host? I'm using a PIX to separate a production from a QA network.
12-01-2004 09:24 PM
hello patty,
it depends on the access-list that you configure to bind on the NAT 0. you can either allow a host or a subnet with NAT 0.. you can also specify a specific destination and port if you want.. example:
nat (inside) 0 access-list nonat
access-list nonat permit ip 192.168.100.0 255.255.255.0 10.1.1.0 255.255.255.0
access-list nonat permit ip host 192.168.200.0 host 10.2.2.1
any traffic from 192.168.100.0/24 to 10.1.1.0/24 will not be natted in the above case..
hope this helps.. all the best..
Raj
12-01-2004 09:25 PM
Sure you can. You can even do:
nat (inside) 0 0 0
to allow everything through without being NAT'd.
12-02-2004 11:08 AM
Thanks everyone for the replies. This clears it up for me. Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide