Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
338
Views
0
Helpful
3
Replies

A NAT QUESTION - is this sensible?

peter-net
Level 1
Level 1

‎01-13-2009 02:50 AM - edited ‎03-06-2019 03:24 AM

I have a server 10.1.2.5 which is on a 10.1.0.0 network and have users located in another network - 192.168.0.0. I need these (192.168) users to be able to reach this server. Assuming that the INSIDE network is the 192.168.0.0 network I assume I want to set-up a static nat translation on this network to enable users in 192.168.0.0 to reach this server. I am assuming that the syntax is going to be “ip nat (inside, outside) 10.1.2.5 192.168.2.5”

This says in plain English “Any requests coming from the inside network ie 192.168.0.0 to the host 10.1.2.5 should be translated to a new host address of 192.168.2.5”.

The request then gets routed to the 192.168 network and is forwarded to the 192.168.2.5 server.

IS THIS SYNTAX CONFIG CORRECT ?

thanks

Labels:
0 Helpful
3 Replies 3

Marwan ALshawi
VIP Alumni
VIP Alumni

‎01-13-2009 03:52 AM

from above command it looks like ASA or pix

for the static nat

it works tow way

if ur inside network is in subnet 192.168

and outside is 10.1

and u have server in the outside with ip 10.1.2.5

and u use the bellow nat line

static (inside, outside) 10.1.2.5 192.168.2.5

lets say the inside network is 192.168.2.0

ant host in the inside network send traffic to 192.168.2.5 will be trnslated to 10.1.2.5 and sent to that server and vice versa for returne traffic

by the wayt make sure ur trafic not block in or out

good luck

hope this helps

0 Helpful

ciscosrini369
Level 1
Level 1

‎01-13-2009 04:01 AM

if u r accessing from inside to dmz then u dont need natting, if its from inside to outside netwrok u have to NAT

--srini

0 Helpful

Marwan ALshawi
VIP Alumni
VIP Alumni
In response to ciscosrini369

‎01-13-2009 01:08 PM

hi guys

if the access fron inside to DMZ nating should be used it nat control enabled on the firewall

static nat work tow ways

if u use nat 0 nat exmption u can exmpt nat

nat identity works one way

and nating with extended ACL works tow ways

regarding that these and ACL to permit traffic

hope this helps

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card