multiple interfaces NAT'ing question

cmazur · ‎01-21-2003

I'm running a PIX520 with 6.2 . Can you have an internal server that is NAT'd to one address going out one interface and NAT'd to a different address going out a different interface?

gfullage · ‎01-21-2003

Sure. Assuming your internal server is 10.1.1.1:

> static (inside,outside1) 1.1.1.1 10.1.1.1 netmask 255.255.255.255

> static (inside,outside2) 2.2.2.2 10.1.1.1 netmask 255.255.255.255

cmazur · ‎01-21-2003

Thanks for the quick response. Now can I Nat/Pat my internal network going out two different interfaces with two different NATs...

global (intf1) 1 167.102.230.1-167.102.230.20

global (intf1) 1 167.102.230.21

global (intf2) 2 167.102.232.1-167.102.232.20

global (intf2) 2 167.102.232.21

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

nat (inside) 2 0.0.0.0 0.0.0.0 0 0

cscales · ‎01-21-2003

Now, can you have the following?

global (outside) 1 100.x.x.x netmask 255.255.255.0

global (dmz) 1 200.x.x.x netmask 255.255.255.0

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

nat (dmz) 1 0.0.0.0 0.0.0.0 0 0

cmazur · ‎01-22-2003

Are you saying this is valid? It looks good to me and will work for me!

Thanks, Chuck