Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Pat Outside to Inside on PIX 525

Is the following configuration supported ?

PIX Version 6.3(1)

nameif ethernet0 outside security0

nameif ethernet1 support security95

nameif ethernet3 inside security100

.

access-list support-in permit tcp any host My_Host eq www

access-list support-in permit icmp any any

.

global (inside) 2 interface

nat (support) 2 172.24.1.0 255.255.255.0 0 0

.

access-group support-in in interface support

!

Basically I am trying to perform PAT from Low security to high security. It does not seem to work based on the configs above as the capture output shows the requested from low-to-high going out unchanged

Thanks

2 REPLIES
Community Member

Re: Pat Outside to Inside on PIX 525

We ran into a similar situation with Pix v6.2(2). After talking to TAC, here is our solution.

global (inside) 2 172.28.100.10

nat (outside) 0 access-list 101 outside

nat (outside) 2 192.187.81.0 255.255.255.192 outside 0 0

access-list 101 deny ip 192.187.81.0 255.255.255.192 any

access-list 101 permit ip any any

Community Member

Re: Pat Outside to Inside on PIX 525

Thanks !

Tha worked for me, I was missing the [outside] keyword after the NAT pool

Appreciated

Ayman

192
Views
4
Helpful
2
Replies
CreatePlease to create content