Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

two static nat order of operation

If a new packet(192.168.10.10 source ip from inside to outside) comes into a FWSM, which public ip address will be translated ?

FWSM(config)# static (inside,outside) 209.165.200.226 192.168.10.10 netmask 255.255.255.255

FWSM(config)# static (inside,outside) 209.165.200.232 192.168.10.0 netmask 255.255.255.248

Please tell me how will be working and a reason why

3 REPLIES

Re: two static nat order of operation

Unless there is an existing xlate for that address, 192.168.10.10 should be translated to 209.165.200.226 because the order of operation between statics is first match wins.

Could you enter the commands without an error?

New Member

Re: two static nat order of operation

there was no error when i enter the commands.

is the order of operation matching first in a whole nat-static configuration? not loggest match ?

New Member

Re: two static nat order of operation

Hi,

Why dont u verify the xlate .

Please issue the following command to check out

sh xl loc 192.168.10.10

In case there is already an existing translation for that we can use the following to clear the xlate table cl xl loc 192.168.10.10

and recheck it again

Raj

984
Views
0
Helpful
3
Replies