Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

NAT inside with diferent IP that overload

Hi all,

I have a mail server that I need it to have access from the outside (that is done), but I also need it to get out with that same address (different from the interface overload address) and here is the problem. I have to use the static with a route map so I can access the mail server from my other location using the VPN (other wise it will be nated and unreachable).

I have this:

ip nat inside source static 192.168.60.250 210.xxx.xxx.xxx route-map NAT_179

!

ip access-list extended NAT_179

deny ip 192.168.60.0 0.0.0.255 192.168.60.0 0.0.0.255

deny ip 192.168.60.0 0.0.0.255 192.168.1.0 0.0.0.255

deny ip 192.168.60.0 0.0.0.255 192.168.2.0 0.0.0.255

deny ip 192.168.60.0 0.0.0.255 192.168.20.0 0.0.0.255

deny ip 192.168.60.0 0.0.0.255 192.168.30.0 0.0.0.255

deny ip 192.168.1.0 0.0.0.255 192.168.60.0 0.0.0.255

deny ip 192.168.2.0 0.0.0.255 192.168.60.0 0.0.0.255

deny ip 192.168.20.0 0.0.0.255 192.168.60.0 0.0.0.255

deny ip 192.168.30.0 0.0.0.255 192.168.60.0 0.0.0.255

deny ip 192.168.10.0 0.0.0.255 192.168.60.0 0.0.0.255

deny ip 192.168.60.0 0.0.0.255 192.168.10.0 0.0.0.255

permit ip any any

Any idea on how I can do this?

Regards

Edit: problem solved, just a matter of ACL

247
Views
0
Helpful
0
Replies
CreatePlease to create content