there are different situations when you will want to do what you are doing,
but here's a quick breakdown.
nat (inside) 0 access-list not-nated [1]
nat (inside) 1 0.0.0.0 0.0.0.0 0 0 [2]
access-list not-nated permit ip IP_not_nated_to_the_Internet
Subnet_Mask_of_device_not_nated any [3]
global
By default all outbound connections are enabled and all inbound are blocked.
- Original Message -
From: Philip Sousa
To:
Sent: Wednesday, January 09, 2002 12:32 AM
Subject: PIX with no NAT [7:31353]
I've been on Cisco's site for hours, but cannot find a conclusive answer
to
my
- Original Message -
From: Philip Sousa
Sent: Wednesday, January 09, 2002 12:32 AM
Subject: PIX with no NAT [7:31353]
I've been on Cisco's site for hours, but cannot find a conclusive answer
to
my question. When you disable NAT (NAT 0) to allow the use of public IP's
behind the
may be you can use
for example
internal network: 192.168.1.x / 24
external network: 200.100.100.X /24
you can use this static command
static 192.168.1.0 192.168.1.0 netmask 255.255.255.0 0 0
access-list OUT permit ip any any
access-list IN permit ip X.X.X.X any
access-group OUT interface
You still need conduit or access list to bypass PIX ASA.
-Keyur Shah-
CCIE# 4799 (Security; Routing and Switching)
css1,ccna,ccda,scsa,scna,mct,mcse,mcp+i,mcp,cni,mcne,cne,cna
Hello Computers
Say Hello to Your Future!
http://www.hellocomputers.com
Toll-Free: 1.877.794.3556
Fremont: 510.795.6815
5 matches
Mail list logo