Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Policy Nat


I want to configure my pix firewall 7.x in a way

but when subnet access sthat when subnet access the server located in DMZ they access it as it is.ame server in dmz they access it via ip

means i want to do static translation of into only for the subnet

rest all networks access it with original IP from outside network.

Please tell me how to do the policy nat/static.

I will be very greatful to u.


Re: Policy Nat

What I can understand from your posting is :

Outside subnet -

DMZ server ip -

when access it should be redirected to

access-list PNAT-ACL permit ip host

static(DMZ,Outside) access-list PNAT-ACL

Hope this helps.

New Member

Re: Policy Nat

thanks for the reply,

i want server to be access by subnet as

and for subnet it is available on the original IP.

Both user subnet are located inside interface of firewall. and Server is located in dmz.

Right now this server is available for everyone on

static(inside,edn) netmask

But now few applications in subnet are having problem they want to access this server on real IP.

that is the reason i want to translate this server only for and also be available as original Ip for subnet.

CreatePlease login to create content