Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Policy Nating Rule on Cisco Firewall

Hi ,

I have a Cisco Firewall device. I have a server to the LAN side to the firewall. I want to put a nating rule [static (inside,outside) tcp 2.2.2.2 smtp 192.168.30.202 smtp netmask 255.255.255.255] to the device. But it was giving an error (Error: Static PAT using the interface requires the use of the 'interface' keyword instead of interface IP address).

Please tell me how I can put this rule to my firewall.

 

Please find the attachment for running configuration of the Cisco device.

Note: 1.1.1.1-6.6.6.6 are representing public ip.

Everyone's tags (1)
1 REPLY
Hall of Fame Super Silver

As the error message notes,

As the error message notes, your setup is actually static PAT, not policy NAT. Policy NAT would use an access-list. the concept is explained here and the cli syntax is here.

Try:

static (inside,outside) tcp interface smtp 192.168.30.202 smtp netmask 255.255.255.255

35
Views
0
Helpful
1
Replies
CreatePlease to create content