Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

Destination based Natting in PIX 515

I have situation where I need to do natting based on destination addresses in PIX 515. I know this is quite easy in routers but never did on PIX so I want to know is this possible? If it is then what is the command for this?

4 REPLIES
Hall of Fame Super Blue

Re: Destination based Natting in PIX 515

Could you give an example with IP addresses of what exactly you are trying to do ?

Jon

Bronze

Re: Destination based Natting in PIX 515

suppose packet from hosts(1.1.1.X) comes into PIX's inside interface for destination 192.168.10.2, this destination address should be rewrite to 10.10.10.1 while packet traverse outside interface of the PIX.

Bronze

Re: Destination based Natting in PIX 515

Use policy NAT

access-list policy_NAT ext permit ip 1.1.1.0 255.255.255.0 host 192.168.10.2

static (inside,outside) 10.10.10.0 access-list policy_NAT

Keep in mind that you cannot policy NAT multiple inside hosts to a single IP. You'll need to specify a classful network in the static statment.

Bronze

Re: Destination based Natting in PIX 515

If I specify classful network in static statement then what will be destination IP after translation? You mean to say for packets having source as 1.1.1.x and destination as 192.168.10.2, destination will be rewrite to 10.10.10.x after translation where x will be the same integer in both source and destinatin?

134
Views
0
Helpful
4
Replies