05-13-2007 02:35 AM - edited 03-11-2019 03:13 AM
Hi,
Kindly Indicate for below scenario, Static necessary or not for Inbound Conncetion If I need to hide my Internal IP Address to Outisde Users.
I am not able to access my Inside Server.
nameif ethernet0 outside security0
nameif ethernet1 inside security100
ip address outside 192.168.1.3 255.255.255.0
ip address inside 3.x.x.2 255.255.0.0
access-list no_nat_inside permit ip any any
access-list outside_acl permit icmp any any
access-list outside_acl permit ip 192.168.1.0 255.255.255.0 host 192.168.1.102
access-list inside_acl permit icmp any any
access-list inside_acl permit ip 3.142.0.0 255.255.0.0 192.168.1.0 255.255.255.0
nat (inside) 0 access-list no_nat_inside
static (inside,outside) 192.168.1.102 3.142.125.10 netmask 255.255.255.255 0 0
access-group outside_acl in interface outside
access-group inside_acl in interface inside
05-13-2007 02:44 AM
If you have one WAN address you can use PAT.
nat (inside) 1 0 0
global (outside) 1
If you have a server that needs to be accessible from the Internet, then use a static nat translation.
static (inside,outside) 192.168.1.102 3.142.125.10 netmask 255.255.255.255
then permit access...
access-list outside_acl permit ip any host 192.168.1.102
05-13-2007 04:23 AM
Hi,
In the first case, No nat is not reqd. Am I rt?
With out static Nat can I access the Inside server??
05-13-2007 02:45 AM
Hi
If you want to hide the internal IP address of the server then ys you need a static translation.
Jon
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: