Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT Question

My outside interface is 209.52.60.xx and my LAN (inside) is and my DMZ (DMZ) is I have nat working find for the inside interface, LAN uers can browse the internet with no issues. Futher I have port translation working for the inside network for some servers. In the DMZ I have port translation working for the Web server but the web server can't browse the internet. Nating does not work for the web server to browse the internet. I would really appreciate if someone can help me with this. I am stuppmed as what I am doing wrong.

here is the config

global (outside) 1 interface

nat (inside) 0 access-list inside_nat0_outbound

nat (inside) 1

nat (dmz) 1

Note: Inside network can browse the internet and port translation works

DMZ port translation works but unbale to browse the internet for host inside the DMZ.

Thank you all in advance.


Re: NAT Question

Hello Koshala

Isnt that the webserver should be accessed from outside ? In that case, you need to give a static , instead of doing a global PAT..

static (DMZ,outside) 209.x.x.x

doing this will enable both inbound and outbound access from/to internet..

If u just want outbound access, create a seperate global (outside) instance and it should then work fine..

Hope this helps.. all the best..


New Member

Re: NAT Question

Sorry the static command was entered previously. That is why users can browse the web server from outside. I can browse the internet from the DMZ.

static (dmz,outside) 209.52.x.x netmask

Re: NAT Question

so, ur issue is solved now ?


New Member

Re: NAT Question


Please check if you have assigned any access-list to your dmz interface, if yes permit your websever( to access internet



CreatePlease to create content