cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1546
Views
0
Helpful
3
Replies

two static nat order of operation

creamware
Level 1
Level 1

If a new packet(192.168.10.10 source ip from inside to outside) comes into a FWSM, which public ip address will be translated ?

FWSM(config)# static (inside,outside) 209.165.200.226 192.168.10.10 netmask 255.255.255.255

FWSM(config)# static (inside,outside) 209.165.200.232 192.168.10.0 netmask 255.255.255.248

Please tell me how will be working and a reason why

3 Replies 3

mattiaseriksson
Level 3
Level 3

Unless there is an existing xlate for that address, 192.168.10.10 should be translated to 209.165.200.226 because the order of operation between statics is first match wins.

Could you enter the commands without an error?

there was no error when i enter the commands.

is the order of operation matching first in a whole nat-static configuration? not loggest match ?

Hi,

Why dont u verify the xlate .

Please issue the following command to check out

sh xl loc 192.168.10.10

In case there is already an existing translation for that we can use the following to clear the xlate table cl xl loc 192.168.10.10

and recheck it again

Raj

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: