Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
201
Views
0
Helpful
1
Replies

Nat - Same IP but diffrent routes through diffrent DMZs

JSilvin
Level 1
Level 1

‎11-06-2003 11:07 PM - edited ‎03-09-2019 05:26 AM

Hi folks!

The following is my network:

Internet

|

PIX --- DMZ---Cisco3640--Pvt WAN Link----Cisco 3640--

|

Host

|

Server Zone

To ensure that I make some servers available on the Internet and across the WAN Link, I advertize the servers on the DMZ and Intrnet using Static command.

These servers also have to initiate connection to Replication servers, one on the Internet and the other on the other end of the WAN link. for this I need to use the NAT commnad.

i.e.

if x.x.x.x/27 is my Server IP (inside)

and y.y.y.y/24 is the DMZ zone

and z.z.z.z/24 is the Internet zone (outside)

then I need to nat for each zone as the routes are different to reach diffrent servers.

global (outside) 1 z.z.z.10

global (dmz) 2 y.y.y.10

nat (inside) 1 x.x.x.x 255.255.255.255

nat (inside) 2 x.x.x.x 255.255.255.255

In effect, I want to NAT the same IP to diffrent DMZs as diffrent GLOBAL ips. I am getting a Duplicate NAT entry. How do I overcome this ?

Any help on this is appreciated. Thanks.

Labels:
0 Helpful
1 Reply 1

nkhawaja
Cisco Employee
Cisco Employee

‎11-09-2003 11:58 AM

Hi,

You said that you are using static, but in the exmple you are using NAT, which one are you using?

for your particular problem of duplicate NAT

try the following

global (outside) 1 z.z.z.10

global (dmz) 1 y.y.y.10

nat (inside) 1 x.x.x.x 255.255.255.255

Thanks

Nadeem

0 Helpful
Customers Also Viewed These Support Documents