Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

two global (outside) command exist ??!

If I use two global NAT command, how the PIX works to NAT or PAT ???

global (outside) 1 10.0.0.2-10.0.0.10 netmask 255.0.0.0

global (outside) 1 10.0.0.1 netmask 255.0.0.0

thanks.

2 REPLIES
Silver

Re: two global (outside) command exist ??!

This will NAT the first 9 users behind .2-.10, then when those 9 IPs are exhausted, it will PAT remaining users behind .1. For your reference:

http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_7_2/cmd_ref/gh_711.htm#wp1682258

Cisco Employee

Re: two global (outside) command exist ??!

Rico,

Rico,

Based upon your configuration, if you have a nat(inside)1 then the addresses from the inside will use Dynamic NAT and PAT.

When the inside addresses make outbound connections, they are translated using the global address pool of 10.0.0.2 - 10.0.0.10 as long as these addresses are available. If all the addresses in the pool are in use, then dynamic PAT takes place using the 10.0.0.1 address.

I hope it helps.

Regards,

Arul

117
Views
0
Helpful
2
Replies
CreatePlease to create content