He would like to use the NAT feature of the FWSM to create more ip addresses. One IP on the outside is translated into a range of IP adddresses on the inside.

My customer gave me one of the last IP addresses he has, which is 192.13.252.115, and wants me to place in on the external interface. He wants that one IP address to translate to a range of IP addresses on the inside (192.168.1.1 to 192.168.1.254 with a Class C subnet). Yet, he is hoping that the other static IPs in the 192.13.252.0 range don't need to be static changed. Since the FWSM is a module, there are no physical interfaces so it uses VLANs. If the outside VLAN is VLAN 5 and the inside VLAN is VLAN 55, will NAT be available on a workstation connected to a port that is on VLAN 55?

Thanks for ignoring my question. This forum is useless

Mark

Sincere apologies for not responding. Sometimes due to pressures of work etc. i lose track of a thread. If this is still a problem i would be more than happy to try and sort this out with you.

I'm still a little unclear as to what you are asking. Yes you can use a single IP address on the outside interface of the FWSM and NAT all the clients on the inside interface to that IP address. What you cannot do with this setup is initiate connections from outside to a client on vlan 55 because there is not static translation set up. But it works fine if the clients on vlan 55 initiate the connection.

Does this answer your question ?

Once again apologies, these forums are usually very helpful.

Jon

What I understand by you question is u want do dynamic nat in FWSM and it is possible if u are using single contaxt mode.

Offcourse nat will be there for any PC which is connected on VLAN 55.

And this will work only if ur initiating the connection from vlan 55.