Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT with FWSM

Hello,

I have following problem:

Firewall context configured within FWSM Version 2.3(3) (virtual firewall).

It has 10 interfaces, and a mixutre of NAT, GLOBAL, and STATIC translations.

Problems occure when I try to connect to one POP server on Internet

(connecting to other sites on internet was fine, www...etc).

I had configuration:

global (outside) 1 x.x.x.x netmask 255.255.255.255

nat (LAB) 1 172.16.0.0 255.255.240.0

But When I added

global (outside) 3 y.y.y.y netmask 255.255.255.255

nat (LAB) 3 172.16.2.0 255.255.255.0

(my address is 172.6.2.48) it started to work.

Why it didn't work with only first nat and global statements?

Thanks in advance.

1 REPLY
New Member

Re: NAT with FWSM

If the global address is constant in both your state it would be an issue on your NAT statement. I woul recommend checking the routing for hosts using the NAT pool

With a mask of /24 you ip should fall in the following subnet

172.16.2.1 to 172.16.2.254

and with /20 it should fall in

172.16.0.1 to 172.16.15.254

107
Views
0
Helpful
1
Replies
CreatePlease login to create content