×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Pat Outside to Inside on PIX 525

Unanswered Question
Sep 23rd, 2003
User Badges:

Is the following configuration supported ?


PIX Version 6.3(1)

nameif ethernet0 outside security0

nameif ethernet1 support security95

nameif ethernet3 inside security100

.

access-list support-in permit tcp any host My_Host eq www

access-list support-in permit icmp any any

.

global (inside) 2 interface

nat (support) 2 172.24.1.0 255.255.255.0 0 0

.

access-group support-in in interface support

!


Basically I am trying to perform PAT from Low security to high security. It does not seem to work based on the configs above as the capture output shows the requested from low-to-high going out unchanged


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
wsitu Tue, 09/23/2003 - 10:12
User Badges:

We ran into a similar situation with Pix v6.2(2). After talking to TAC, here is our solution.


global (inside) 2 172.28.100.10

nat (outside) 0 access-list 101 outside

nat (outside) 2 192.187.81.0 255.255.255.192 outside 0 0


access-list 101 deny ip 192.187.81.0 255.255.255.192 any

access-list 101 permit ip any any

ayman Tue, 09/23/2003 - 10:24
User Badges:

Thanks !


Tha worked for me, I was missing the [outside] keyword after the NAT pool


Appreciated


Ayman

Actions

This Discussion