Re: Cannot access external network w/o static NAT - help!

CSCO10662744_2 · ‎12-21-2005

I was working on our Pix firewall and noticed an entry that maps a server's internal IP to an external public IP through static NAT.

I then deleted that entry because the server is one of our Windows DC's and I don't see why it has to be made available outside of our internal network.

After I removed that line, the server cannot access anything but our internal network. So I put that line back and the connection is back.

Why would static NAT affect whether or not that server can access external networks??

jackko · ‎12-21-2005

except the static nat, just wondering if general nat/global is configured, such as:

global (outside) 1 interface

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

if not, please apply these commands. if these already exist, then give the deletion another go. issue "clear xlate local " after the deletion of the static nat statement.

CSCO10662744_2 · ‎12-22-2005

General NAT is configured - we have regular NAT for our internal network, and some other static NAT entries.

It was acting weird probably cause I didn't issue the "clear xlate" command to clean up the NAT session after the removal of that particular static NAT entry.

Thanks for pointing it out.

jackko · ‎12-22-2005

welcome. let us know how you go.