01-13-2009 02:50 AM - edited 03-06-2019 03:24 AM
I have a server 10.1.2.5 which is on a 10.1.0.0 network and have users located in another network - 192.168.0.0. I need these (192.168) users to be able to reach this server. Assuming that the INSIDE network is the 192.168.0.0 network I assume I want to set-up a static nat translation on this network to enable users in 192.168.0.0 to reach this server. I am assuming that the syntax is going to be âip nat (inside, outside) 10.1.2.5 192.168.2.5â
This says in plain English âAny requests coming from the inside network ie 192.168.0.0 to the host 10.1.2.5 should be translated to a new host address of 192.168.2.5â.
The request then gets routed to the 192.168 network and is forwarded to the 192.168.2.5 server.
IS THIS SYNTAX CONFIG CORRECT ?
thanks
01-13-2009 03:52 AM
from above command it looks like ASA or pix
for the static nat
it works tow way
if ur inside network is in subnet 192.168
and outside is 10.1
and u have server in the outside with ip 10.1.2.5
and u use the bellow nat line
static (inside, outside) 10.1.2.5 192.168.2.5
lets say the inside network is 192.168.2.0
ant host in the inside network send traffic to 192.168.2.5 will be trnslated to 10.1.2.5 and sent to that server and vice versa for returne traffic
by the wayt make sure ur trafic not block in or out
good luck
hope this helps
01-13-2009 04:01 AM
if u r accessing from inside to dmz then u dont need natting, if its from inside to outside netwrok u have to NAT
--srini
01-13-2009 01:08 PM
hi guys
if the access fron inside to DMZ nating should be used it nat control enabled on the firewall
static nat work tow ways
if u use nat 0 nat exmption u can exmpt nat
nat identity works one way
and nating with extended ACL works tow ways
regarding that these and ACL to permit traffic
hope this helps
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: