Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Policy Nat

I am wondering if below configuration is possible , Supposing hostA is behind pixA firewall wants to communicate to HostB behind Pix B , source IP (192.168.1.2) should be Natted to 172.16.1.2 ,however if it needs to connect to internet it can go as (192.168.1.2).This should be true on Host B also ,Is it possible to accomplish by policy Nat and without having to use static command .

Any help will be greatly appreciated

3 REPLIES
New Member

Re: Policy Nat

Let me know if this is possible

Silver

Re: Policy Nat

(192.168.1.2) should be Natted to 172.16.1.2

This should work.. Try this on A...

access-list pnat extended permit ip host 192.168.1.2 host 192.168.2.2

static (inside,outside) 172.16.1.1 access-list pnat

nat (inside) 1 192.168.1.0 255.255.255.0

global (outside) 1 interface

This is all assuming that you have the routing setup correctly to route the 172.16.1.0/24 addresses.

New Member

Re: Policy Nat

Thanks a ton , this is what i was looking for .

142
Views
5
Helpful
3
Replies
CreatePlease to create content