Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

nat (inisde) 0 and static configuration.

hi,

We need to do following configuration for nat (inside) 0 nonat and static for the same host.

We are configuring Site-to-site VPN between two hosts.

host1=a.b.c.d

host2= p.q.r.s ( at destination location )

For this following configuration is proposed :

access-list nonat permit ip host a.b.c.d host p.q.r.s

nat (inside) 0 access-list nonat.

In another requirement it is required that this host a.b.c.d needs to be accessed from outside on some of the ports. For that we plan to add following static entry

static (inside,outside) Public-Static_IP a.b.c.d

And corresponding permit access list on outside interface.

Will this work together as same host is being accessed in two processes.

Please share the experience.

Can such configuration is possible on ISR 3800 series?

Thanks in advance.

Subodh

1 REPLY
Silver

Re: nat (inisde) 0 and static configuration.

It sounds like it would work to me.

On the ASA the NAT order of operations takes a nat 0 with an access-list before a static <http://cco.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/nat_overview.html#wp1079279>

I'm not sure about IOS

112
Views
0
Helpful
1
Replies
CreatePlease to create content