Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

NAT issues on PIX 515E

I need to perform NAT on the outside and DMZ interfaces. I tried using the same NAT ID of 1 for both Globals like below:

Global (outdie) 1 interface

Global (DMZ) 1 interface

nat (inside) 1 0 0

When I try to ping from the inside to outside or DMZ networks I get an error " unable to create translation entry for ....".

The I changed the NAT ID for DMZ to be 2 as follows:

global (outside) 1 interface

global (dmz) 2 interface

nat (inside) 2 192.168.0.0 255.255.0.0

nat (inside) 1 0 0

After this change, I can get translation working for DMZ but not the outside. When I try to browse the internet I get the same "unable to create transation entry error...".

What is the correct way to do NAT from inside to multiple interfaces such as outside, DMZ1, DMZ2 etc.?

Any help would be much apprecited. Thanks.

1 REPLY
Cisco Employee

Re: NAT issues on PIX 515E

Actually the first few statements that you have defined should work

Global (outdie) 1 interface

Global (DMZ) 1 interface

nat (inside) 1 0 0

And you will get the same error message if you follow the later examples.

Try to use IP addrss of the interface instead of the "interface" keyword.

Thanks

Nadeem

83
Views
0
Helpful
1
Replies