• Advertisement

Explanation on NAT Statement

Firewalls, PIX, ASA, VPN, Access Control List, User Authentication, Data Encryption and Best Practices.

Explanation on NAT Statement

Postby Guest » Fri Jan 07, 2011 12:43 pm

Hi Guys,

 

What does the following statement means on the pix firewall ? For example

 

global outside 2 67.75.236.193-67.75.236.194 netmask 255.255.255.240

 

Does the above mean that we have got two address 67.75.236.193 and 67.75.236.194 for the firewall to use for natting. (I know about what 2 means in the statement).

 

Tks

Guest
 

Advertisement

Re:Explanation on NAT Statement

Postby Guest » Fri Jan 07, 2011 1:02 pm

That means that the source network that falls under your nat will be able to get translated to those two addresses only. If you have 10 inside hosts trying to go out to the internet only two will be able to do it at the same time since they are all sharing the two global addresses.

 

Is that clear?

 

Sent from Cisco Technical Support iPhone App

Guest
 

Re:Explanation on NAT Statement

Postby Guest » Fri Jan 07, 2011 1:55 pm

You are absolutely correct.

Only 2 ip addresses can be used for NATing and if you have any subsequent packet that needs to be translated, then it will fail unless if you configure PAT, eg:

 

global (outside) 2 interface

 

OR/


global (outside) 2 67.75.236.195

Guest
 



  • Advertisement


Similar topics

Explanation of an error message %PM_SCP-SP-2-LCP_FW_ERR_INFORM
Forum: Cisco Switching
Author: Anonymous
Replies: 0

UCCX 8.0 If Statement Question
Forum: Anything Networking
Author: Anonymous
Replies: 0

Access-list statement format, help!
Forum: Anything Networking
Author: Anonymous
Replies: 0

NAT Statement order of priority??
Forum: Cisco Security
Author: Anonymous
Replies: 0

1142 AP Config Explanation
Forum: Cisco Wireless
Author: Anonymous
Replies: 0


Return to Cisco Security

Who is online

Users browsing this forum: Bing [Bot] and 2 guests