Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT-ing to an address not on the Outside Interface

What happens to return traffic when one NATs from the inside interface to the outside interface and the global address is not on the outside interface. eg

(inside local 10.0.0.0/24)10.0.0.1<--in_int_1---(PIX/ASA)---out_int_0--->209.165.201.0/24<----(router)------>172.16.1.1

NAT 10.0.0.2 to 172.16.1.2

How is return traffic from 172.16.1.0/24 sent to 10.0.0.0/24? Or what should be configured on the devices to allow return traffic?

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: NAT-ing to an address not on the Outside Interface

Hi

It's a little unclear as to the setup you are describing. i think what you are asking is if you use an IP address out of a different subnet from the one used on your outside pix to present the inside server.

This will work fine as long the routing for that subnet points back to the pix. So the external router would need to know that the IP address that you have used can be reached via the external interface of the pix.

Does this make sense and have i explained it clearly enough ?

HTH

Jon

2 REPLIES
Hall of Fame Super Blue

Re: NAT-ing to an address not on the Outside Interface

Hi

It's a little unclear as to the setup you are describing. i think what you are asking is if you use an IP address out of a different subnet from the one used on your outside pix to present the inside server.

This will work fine as long the routing for that subnet points back to the pix. So the external router would need to know that the IP address that you have used can be reached via the external interface of the pix.

Does this make sense and have i explained it clearly enough ?

HTH

Jon

New Member

Re: NAT-ing to an address not on the Outside Interface

Thanks Jon. Your post was helpful.

103
Views
5
Helpful
2
Replies