cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
311
Views
0
Helpful
1
Replies

PIX/ASA static nat command

nsheridan
Level 1
Level 1

Hello fellow ciscoers,

My question relates to the use of the netmask command within the PIX/ASA. When used does this only translate the appropriate bits in the original ip address to the desired NAT address? For example:

If configure as follows:

static (inside,outside) 192.168.100.0 123.123.123.0 netmask 255.255.255.0

Then i send a packet with a source IP of say 192.168.100.50 through, then will the NAT address end up as 123.123.123.50.

Hence with a netmask of 24 bits will it not translate octect 4, and hence leave my "host bits" alone?

Thanks to all in advance

cheers nik

1 Reply 1

richf
Level 1
Level 1

You are correct. Many times people will do one to one translations doing exactly the same things but keeping the inside and outside IP's the same. This is sometimes done on internal firewalls where you do not want to translate any addresses.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: