Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

NAT - Hide Outside Address


I want to allow access from inside to outside on a PIX 501 but I want to hide the outside address.

I want to telnet from inside to outside and have the PIX rewrite the address to the real outside address. Sort of the opposite to a normal PAT.

Anyone know if this is possible?



Re: NAT - Hide Outside Address

normal PAT would translate the inside host ip source address to the outside interface's ip address for a telnet connection originating from the inside interface that is going out to the internet. This sounds like it is exactly what you seek to do. So what exactly are you trying to do?

New Member

Re: NAT - Hide Outside Address

Thanks for the quick reply. What I am trying to do is connect to an an ouside IP that I would not normally be able to route to. This firewall is not an Internet firewall, it is just connecting two interior networks. From the inside however I cannot route (by design) to the outside subnet. To telnet to a host on the outside subnet I want the firewall to to redirect from it's inside interface (or pool) to the real IP address on the outside. Basically the reverse of a PAT on an Internet firewall.

Thanks again.

New Member

Re: NAT - Hide Outside Address


To do this you must Nat the outside address to an inside address. Use something similar to the following line. The X.X.X.X is the inside IP you want the outside to appear to the inside as and Y.Y.Y.Y is the real outside IP. You must have at the minimum PIX code 6.2 for this to work.

static (outside,inside) X.X.X.X Y.Y.Y.Y netmask

Follow this link for details.

New Member

Re: NAT - Hide Outside Address

Thank you. That's exactly what I was after.

CreatePlease to create content