NAT's problem

pmartiny
Level 1

Hi,

I apologize for my bad English!!

I must do a complex VPN between two PIX where I am obliged to do NAT. However, I have a problem with the NAT. In fact, I want to relocate my subnet towards a virtual network. I will do it with these commands:

Global (outside) 20 20.0.1.0

Nat (inside) 20 access-list 120

with access-list 102 permit ip 10.0.1.0 255.255.255.0 20.0.1.0 255.255.255.0

But the PIX doesn't want these commands because, with an access-list, it accepts only nat 0.

I would like to know how I can circumvent this problem.

Thank you in advance,

Paul Martiny

2 Replies

jsivulka
Level 5

The NAT command allows you to specify an access-list only if NAT 0 is used. It seems that you want packets destined only to 20.0.1.0/24 to be natted. To achieve that, what you could try is to deploy access-lists on the outermost router so that it will allow only packets from network 10.0.1.0/24 and destined for 20.0.1.0/24 to reach the PIX. These could then be natted by the PIX.

Thank you very much. It's a good idea, but I must realize this with only one PIX.

Paul Martiny