Pix 501 nat pat multiple private networks

Unanswered Question
Sep 17th, 2007
User Badges:

I want to use pat on multiple vlans from our catalyst 4503. The vlan networks are,, etc. Would the inside (nat) 1 just be on the pix? But the inside pix int is, so not sure that the /16 mask would work. If not, any ideas? Thanks in advance and if anymore info is needed, let me know.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
rajbhatt Mon, 09/17/2007 - 20:28
User Badges:


If u want the nat the entire inside address :

nat(inside) 0 0

global(outside) 1 interface and add access lists on the inside interface to blcck unwanted traffic.

U could also use :

nat (inside )1

global( outside) 1 interface

But a better config would be :

nat (inside) 1

nat (inside) 1

global(outside) 1 interface

Plz make sure u have an inside route for the network .

In case u want to use separte pat address then plz use :

nat (inside) 1

nat (inside) 2

global (outside) 1

global(outside) 2 and the route statement to the network


rhopkins_nci Tue, 09/18/2007 - 04:47
User Badges:

This config:

But a better config would be :

nat (inside) 1

nat (inside) 1

How many of the "nat (inside) 1 netid mask" can I have? I plan on having about 5 or 6 vlans. Do I just continue until Thanks Raj


This Discussion