04-07-2003 07:32 AM - edited 03-09-2019 02:48 AM
Hi,
I apoligize for my bad english!!
I must do a complex VPN between two pix where I must use NAT. However I have a problem with the NAT. In fact I want to relocate my subnet "10.0.1.0/24" towards a virtual network "20.0.1.0/24" . I will do it with this commands :
Global (outside) 20 20.0.1.0
Nat (inside) 20 access-list 120
with access-list 102 permit ip 10.0.1.0 255.255.255.0 20.0.1.0 255.255.255.0
But the pix don't want this commands because with an access-list, it accept only nat 0
I like to know how I can circumvent this problem
Thank you in advance,
Paul Martiny
04-07-2003 09:54 AM
If you use ¨Global (outside) 20 20.0.1.0¨, it´s not NAT, It´s PAT, instead you can use,
Global (inside) 20 20.0.1.0 255.x.x.x , Then,
Have you tried....
nat (inside) 20 10.x.x.x 255.x.x.x ???
Hope that helps u.
04-07-2003 10:35 PM
thank you for your advice, but i have already try this, but it doesn't run again.
Thank you anyway
Paul Martiny
04-09-2003 06:52 AM
If you want a one-for-one mapping, why not just use a static:
static (inside,outside) 20.0.1.0 10.0.1.0 netmask 255.255.255.0
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: