Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Weird issue with static translation

I have a server that connects through the PIX 515 to the internet. It uses the global NAT or PAT pools and works just fine. I need to change it to a static IP address to connect to a customer. So I added a static translation in the PIX, did a clear xlate and clear arp commands and then the server cannot connect anything on the far end of the PIX. all internal and other legs of the firewall are fine. If I remove the static command, clear xlate, the server connects fine. I even cleared the arp on the internet routers.

Any ideas?

4 REPLIES
Community Member

Re: Weird issue with static translation

What's your static command? If you are referencing specific ports it won't work.

Community Member

Re: Weird issue with static translation

static (inside,outside) outside_IP_address internal_IP_address netmask 255.255.255.255

I allow all outbound connections.

Community Member

Re: Weird issue with static translation

Looks ok to me although you might want to add "0 0" at the end of the line. If your PIX isn't too busy you can try doing a logging console/buffer/monitor 4, depending where you want the output to go, and see what the errors are.

Bronze

Re: Weird issue with static translation

John,

What's your complete nat configuration?

The static command you entered looks fine - I would check to make sure the IP you are using isn't part of the pool IP addresses.

--Jason

Please rate if this message helped.

97
Views
0
Helpful
4
Replies
CreatePlease to create content