cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
256
Views
0
Helpful
2
Replies

two global (outside) command exist ??!

rico_hao40
Level 1
Level 1

If I use two global NAT command, how the PIX works to NAT or PAT ???

global (outside) 1 10.0.0.2-10.0.0.10 netmask 255.0.0.0

global (outside) 1 10.0.0.1 netmask 255.0.0.0

thanks.

2 Replies 2

ethiel
Level 3
Level 3

This will NAT the first 9 users behind .2-.10, then when those 9 IPs are exhausted, it will PAT remaining users behind .1. For your reference:

http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_7_2/cmd_ref/gh_711.htm#wp1682258

ajagadee
Cisco Employee
Cisco Employee

Rico,

Rico,

Based upon your configuration, if you have a nat(inside)1 then the addresses from the inside will use Dynamic NAT and PAT.

When the inside addresses make outbound connections, they are translated using the global address pool of 10.0.0.2 - 10.0.0.10 as long as these addresses are available. If all the addresses in the pool are in use, then dynamic PAT takes place using the 10.0.0.1 address.

I hope it helps.

Regards,

Arul

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: