Static Policy

Unanswered Question
Apr 9th, 2008
User Badges:

Hi,


I need to NAT an internal server and allow only certain ports open. After creating access-lists for these ports, should I still enable PAT (for the said ports) in the NAT configuration?


Thanks!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
husycisco Thu, 04/10/2008 - 03:41
User Badges:
  • Gold, 750 points or more

Hi Patricia,

If you applied a one-to-one NAT like following


static (inside,outside) publicip localip netmask 255.255.255.255


Then you dont need to specify these ports individually.

But if you applied PAT, you should forward these ports as following


static (inside,outside) tcp interface portno localip portno netmask 255.255.255.255


Regards

Actions

This Discussion