Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

extendable command on NAT translations

I see in some IOS Firewall configs where there is a command "extendable" at the end of the static translation. What purpose does this command serve, and/or is this necessary?

example -

ip nat inside source static tcp 10.6.1.67 5631 63.231.147.131 5631 extendable

1 REPLY
Silver

Re: extendable command on NAT translations

Hi,

one of the uses of "extendable" is to allow two inside global addresses for

a single inside local address.

Like,

ip nat inside source static x.x.x.x y.y.y.y extendable

ip nat inside source static x.x.x.x z.z.z.z extendable.

When a packet is coming from outside to insde with destination

address y.y.y.y or z.z.z.z, it will be sent to x.x.x.x

When a pkt is going out, it will have src address as y.y.y.y ( from the first of the two statements )

1906
Views
0
Helpful
1
Replies
CreatePlease to create content