Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Bi-Directional NAT


In the PIX v6.2, exist the feature "Bi-Directional NAT". I try, following the Cisco page, and doesn't work.

Somebody have a "working" conf.


// Waldemar Pera

  • Other Security Subjects
New Member

Re: Bi-Directional NAT

the link you quoted has all the required commands. make sure you have "static (outside,inside) ..." and an access list or conduit command to permit the required traffic.

New Member

Re: Bi-Directional NAT

Hi Peter,

I will attempt explaint to you my situation:

Net ------Out | PIX| In ------------ Net

In the Net(In), I have a PC I whish that PC see only the Net(In), but also exist a PC that go to Net(Out) like

The users to come from the owner net and from (or wherever), but these need change to for contact with

This my "test" conf:

Bi-NAT# sh run


access-list TODO permit ip any any

access-list TODO permit icmp any any

! (TODO is ALL in Spanish)


ip address outside

ip address inside


global (outside) 5

global (inside) 1

nat (outside) 1 0 0

nat (inside) 5 0 0

static (inside,outside) netmask 0 0

access-group TODO in interface outside

route outside 1


(Of course: The PC have a IP route to through

Thanks .....

This widget could not be displayed.