pix firewall nat question

Unanswered Question
Feb 15th, 2008
User Badges:

Hi,

I'm learning to configure cisco pix firewallas and found following global NAT pool example in cisco page:


global (outside) 1 200.100.100.110-200.100.100.150 netmask 255.255.255.0



I'm wondering why cisco in examples netmask field is included besides the address range. (it is obvious when it is included beside single IP, but with address range it is something nonsensical )

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
shivlu jain Sun, 02/17/2008 - 04:48
User Badges:
  • Silver, 250 points or more

Its not a nonsensical because with the netmask you can define the range



regards

shivlu

simaskvilius Sun, 02/17/2008 - 04:52
User Badges:

What range ?

Range is already difined in statement 200.100.100.110-200.100.100.150 (from 110 to 150)


bmcginn Sun, 02/17/2008 - 15:01
User Badges:
  • Bronze, 100 points or more

What if you DON'T want to NAT 200.100.100.115/22?


The NAT statement 200.100.100.110-200.100.100.150 netmask 255.255.255.0 will only NAT 200.100.100.110-150/24.


It won't NAT the same IP address with a different mask. Therefore it allows for greater control over the NAT.


Hope that helps.

kittu.mbk@gmail.com Sun, 02/17/2008 - 22:31
User Badges:

hi dude

cisco wants it's students to be very clear about what they are learning, and no specific reason for it.

any way my yahoo id is kittumcp@yahoo.com.

hope we discuss more issues

Actions

This Discussion