On Mon, 11 Dec 2000, Benjamin Walling wrote:
> If I set up a NAT pool of only 1 address, the router/pix uses PAT. Under
> PAT, I can have 65K hosts (or connections from hosts) connecting to the
> internet.
>
> If I set up a NAT pool of more than 1 address, the router/pix uses NAT.
> Under NAT, I
You will want to use the overload parameter. Here is the syntax, notice that
the overload parameter is optional:
ip nat inside source {list {access-list-number | name} pool name [overload] | static local-ip global-ip}
Here is what overload does:
"You can conserve addresses in the inside global
Your users will get 1 host per address under NAT unless you
specify the overload command. I believe then that any additional users will
use the last address in the pool and PAT on that address.
-Original Message-
From: Benjamin Walling [mailto:[EMAIL PROTECTED]]
Sent: Monday, December 1
There is an argument in the firewall that permits PATting of a NAT pool. The
argument goes at the end of the nat pool statement and is "overload" IE:
ip nat inside source list access-list-number interface interface overload
This allows the firewall to PAT addresses when it runs out of "unique"
a