There is an argument in the firewall that permits PATting of a NAT pool. The
argument goes at the end of the NAT pool statement and is "overload", i.e.:

ip nat inside source list access-list-number interface interface overload

This allows the firewall to PAT addresses when it runs out of "unique"
addresses in the NAT pool.

Charles Henson

"Benjamin Walling" <[EMAIL PROTECTED]> wrote in message
news:9131aa$fg1$[EMAIL PROTECTED]...
> If I set up a NAT pool of only 1 address, the router/pix uses PAT.  Under
> PAT, I can have 65K hosts (or connections from hosts) connecting to the
> internet.
>
> If I set up a NAT pool of more than 1 address, the router/pix uses NAT.
> Under NAT, I can have 1 host per address in the NAT pool.
>
> Does this sound right?  I have two available addresses to get my users out
> with.  If I put them both in a pool, will I only get two out at a time, or
> will it allow 65K connections per address in the pool?  The documentation
> seems fuzzy on this.
>
>
> _________________________________
> FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
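
For the two-address case asked about in this thread, a Cisco IOS pool configuration with and without the overload keyword is sketched below. This is an added example, not part of either post; the pool name, ACL number, addresses and interface names are constructed for illustration, and interface addressing is omitted.

```cisco
! Constructed sample values: inside LAN 192.168.1.0/24, public pool
! 203.0.113.1-203.0.113.2, Ethernet0 = inside, Serial0 = outside.
access-list 1 permit 192.168.1.0 0.0.0.255
ip nat pool OUTSIDE-POOL 203.0.113.1 203.0.113.2 netmask 255.255.255.252
!
! Without "overload" (shown commented out): dynamic one-to-one NAT, so each
! pool address is bound to a single inside host at a time.
! ip nat inside source list 1 pool OUTSIDE-POOL
!
! With "overload": translations are also keyed on the source port (PAT),
! so many inside hosts can share the two pool addresses.
ip nat inside source list 1 pool OUTSIDE-POOL overload
!
interface Ethernet0
 ip nat inside
!
interface Serial0
 ip nat outside
!
! Check the result from exec mode with:
!   show ip nat translations
!   show ip nat statistics
```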

