Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
250
Views
0
Helpful
1
Replies

nat problem in PIX515e

venancio.martinez
Level 1
Level 1

‎04-08-2005 03:07 AM - edited ‎03-09-2019 10:53 AM

We want to let clients from a more secure interface to start sessions to servers in a less secure interface. We want the clients to reach the server with no nat, that is, to maintain the same source address. We are using the PDM to configure the pix, and we define a dynamic nat from any in inside to "same address" in outside.

When we configure the nat, this error is shown:

[ERR]nat (inside) 0 0.0.0.0 0.0.0.0 0 0

nat 0 0.0.0.0 will be identity translated for outbound

We have configured a rule to access from interface inside to outside, too. But this communication doesn't work.

What is happening?

TIA

Labels:
0 Helpful
1 Reply 1

Patrick Iseli
Level 7
Level 7

‎04-08-2005 04:25 AM

Can you please post your nat, globals and replace the public IP with something like this x.x.x.1.

To disable NAT, lets say from inside to DMZ interface, you can configure a static like this example:

static (inside,dmz) InsideNet InsideNet netmask InsideSubnetMask 0 0

To access to that host from the inside to the DMZ host you use the DMZ Private IP.

sincerely

Patrick

0 Helpful
Customers Also Viewed These Support Documents