Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Static Policy

Hi,

I need to NAT an internal server and allow only certain ports open. After creating access-lists for these ports, should I still enable PAT (for the said ports) in the NAT configuration?

Thanks!

2 REPLIES

Re: Static Policy

Hi Patricia,

If you applied a one-to-one NAT like following

static (inside,outside) publicip localip netmask 255.255.255.255

Then you dont need to specify these ports individually.

But if you applied PAT, you should forward these ports as following

static (inside,outside) tcp interface portno localip portno netmask 255.255.255.255

Regards

Community Member

Re: Static Policy

Ok, thanks!

128
Views
0
Helpful
2
Replies
CreatePlease to create content