02-21-2008 10:33 AM - edited 03-11-2019 05:06 AM
I am wondering if below configuration is possible , Supposing hostA is behind pixA firewall wants to communicate to HostB behind Pix B , source IP (192.168.1.2) should be Natted to 172.16.1.2 ,however if it needs to connect to internet it can go as (192.168.1.2).This should be true on Host B also ,Is it possible to accomplish by policy Nat and without having to use static command .
Any help will be greatly appreciated
02-21-2008 10:36 AM
02-21-2008 11:14 AM
(192.168.1.2) should be Natted to 172.16.1.2
This should work.. Try this on A...
access-list pnat extended permit ip host 192.168.1.2 host 192.168.2.2
static (inside,outside) 172.16.1.1 access-list pnat
nat (inside) 1 192.168.1.0 255.255.255.0
global (outside) 1 interface
This is all assuming that you have the routing setup correctly to route the 172.16.1.0/24 addresses.
02-21-2008 11:41 AM
Thanks a ton , this is what i was looking for .
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide