pix nat

Can someone please tell me what is wrong with this config access-list nonat permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0 nat (inside) 0 access-list nonat global (outside) 1 172.16.10.50 255.255.255.255 I get no translation at all. I have permit ip any any access lists on both in

Re: pix nat

With NAT 0 you will ge tno traslation. If you want translation your NAT ID and GLobal ID must match. So I'd have to say that you need to revist your config and situation and clear up the issue of "to nat or not" Moe. --- Rick Holden <[EMAIL PROTECTED]> wrote: > Can someone please tell me what

Re: pix nat

You seems missing one of statemnet. Where is your " nat statment"? Please read the configuration guide in the cisco web site, it will provide you a lot of pix configuarion. Hope this help Vincent ""Rick Holden"" <[EMAIL PROTECTED]> ¼¶¼g©ó¶l¥ó 000d01c0a389$1c311680$[EMAIL PROTECTED]">news:000d01c

logging PIX - NAT translations (xlate)

Is there a way to have the NAT translations sent to a syslog (or other type) of server. You can do a show xlate and get a list of the translations - can this be logged to a text file?? I have a customer that needs to be able to track IP addresses from the outside > translated (PIX) > inside > wor

PIX + NAT Question [7:41022]

I am having problems to get a certain configuration to work with my PIX, I use NAT for all network to a Public IP address range, then I also use PAT for my 10.100.0.0 network so all machines comming from that network use the public address ending with .50. Now I need to use PAT for a client that i

PIX NAT bypass [7:61338]

Hello! I need to implement unidirectional traffic flow with NAT bypass through PIX. Any help, links, config examples would be fine. Thanks. -- Michael Vasilenko Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=61338&t=61338 -- F

PIX Nat Traversal / VPN [7:66404]

I have a requirement to configure a VPN tunnel on pix ver 6.3 using nat traversal. I am wondering if I need to use any special commands and which ports I need to forward from my router to the pix. I am assuming udp port 500. Has anyone done this that could give me some advice? regards Chris Th

RE: PIX + NAT Question [7:41022]

ws.com/job ~ -Original Message- From: Arni V. Skarphedinsson [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 10, 2002 6:52 AM To: [EMAIL PROTECTED] Subject: PIX + NAT Question [7:41022] I am having problems to get a certain configuration to work with my PIX, I use NAT for all network to a Public

RE: PIX + NAT Question [7:41022]

the nat "(inside) 2 123.123.144.251 255.255.255.255 0 0" is somthing I added to try to get the host 123.123.144.251 to PAT to the .50 address, but that´s not working, the network connected to the inside interface is 123.123.144.0/24 the "nat (inside) 2 10.100.0.0 255.255.0.0 0 0" statment is what

RE: PIX + NAT Question [7:41022]

~ http://www.RouterChief.com ~ Need a Job? http://www.OleDrews.com/job ~ -Original Message- From: Arni V. Skarphedinsson [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 10, 2002 3:29 PM To: [EMAIL PROTECTED] Subject: RE: PIX +

RE: PIX + NAT Question [7:41022]

What is the problem and can you send a config once again. -Original Message- From: Arni V. Skarphedinsson [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 10, 2002 11:29 PM To: [EMAIL PROTECTED] Subject: RE: PIX + NAT Question [7:41022] the nat "(inside) 2 123.123.14

pix, nat, and OWA [7:19152]

our pix is running nat, and i want to put an outlook web access server on a dmz interface. however, all the netbios communication to the domain controllers and exchange servers seems like it is going to require a whole lot of static/conduits and a serious lmhosts file. bottom line: is there a

RE: PIX NAT bypass [7:61338]

-- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Namens Michael Vasilenko Verzonden: zondag 19 januari 2003 17:21 Aan: [EMAIL PROTECTED] Onderwerp: PIX NAT bypass [7:61338] Hello! I need to implement unidirectional traffic flow with NAT bypass through PIX. Any help, links, config exampl

PIX Nat vs. IOS Nat for DNS

My question is about DNS queries through the PIX and the IOS w/NAT. This is taken from the Cisco web site. http://www.cisco.com/warp/public/458/41.html#Q21 Q: Does Cisco IOS NAT support DNS queries? A: Yes, Cisco IOS NAT will

Pix NAT - Two to one [7:37179]

Hi all, Has anybody tried NAT'ing two outside addresses to one internal (DMZ) address on the same port (80) in some way. Not too difficult to get round, as I can get the DNS of one site changed and use the single address outside to single inside. The advantage would be that when the web sites are

RE: PIX Nat Traversal / VPN [7:66404]

Message- From: Chris Penrose To: [EMAIL PROTECTED] Sent: 28/03/2003 21:28 Subject: PIX Nat Traversal / VPN [7:66404] I have a requirement to configure a VPN tunnel on pix ver 6.3 using nat traversal. I am wondering if I need to use any special commands and which ports I need to forward from my

RE: PIX Nat Traversal / VPN [7:66404]

-Original Message- From: Steve Wilson [mailto:[EMAIL PROTECTED] Sent: 30 March 2003 21:21 To: [EMAIL PROTECTED] Subject: RE: PIX Nat Traversal / VPN [7:66404] Last time I looked you could not do NAT-T on a PIX with 6.3 software. Only VPN Gateways can handle it. Next gen of software

RE: PIX Nat vs. IOS Nat for DNS

Brian, Look into the "alias" command. It might be what you are looking for. Cory -Original Message- From: Brian Bieber [mailto:[EMAIL PROTECTED]] Sent: Monday, January 08, 2001 11:16 AM To: '[EMAIL PROTECTED]' Subject: PIX Nat vs. IOS Nat for DNS My question

Re: PIX Nat vs. IOS Nat for DNS

I have a question along the same line... If I have a single DNS behind NAT and I want to change it's IP to 10.x.x.x, how does NAT/Firewall know to forward the request to that address and how would I register with Network Solutions so that there is a "virtual" name server? Any suggestions/ideas?

RE: PIX Nat vs. IOS Nat for DNS

join one of the coolest tech sites out. Did I mention no banners and free tech support. -Original Message- From: Joe Schnerd [mailto:[EMAIL PROTECTED]] Sent: Monday, January 08, 2001 4:07 PM To: [EMAIL PROTECTED] Subject: Re: PIX Nat vs. IOS Nat for DNS I have a question along the same line

Re: Pix NAT - Two to one [7:37179]

what is the overall goal? >>> Gaz 03/04/02 03:06PM >>> Hi all, Has anybody tried NAT'ing two outside addresses to one internal (DMZ) address on the same port (80) in some way. Not too difficult to get round, as I can get the DNS of one site changed and use the single address outside to single i

Re: Pix NAT - Two to one [7:37179]

Eventually, two separate static commands for two separate outside addresses going to two separate DMZ addresses. At the moment there is just one machine inside. Possibility of putting multiple addresses on the server but preferred option is not to do this. What I would like to miss out is the time

RE: Pix NAT - Two to one [7:37179]

On a cisco router, you use the Extendable command. not sure about the pix. -Original Message- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 3:07 PM To: [EMAIL PROTECTED] Subject: Pix NAT - Two to one [7:37179] Hi all, Has anybody tried NAT'ing two ou

Re: Pix NAT - Two to one [7:37179]

Why not add an additional ip to the internal host and have two nats? - Original Message - From: "Gaz" To: Sent: Monday, March 04, 2002 3:06 PM Subject: Pix NAT - Two to one [7:37179] > Hi all, > > Has anybody tried NAT'ing two outside addresses to one interna

Re: Pix NAT - Two to one [7:37179]

t; To: > Sent: Monday, March 04, 2002 3:06 PM > Subject: Pix NAT - Two to one [7:37179] > > > > Hi all, > > > > Has anybody tried NAT'ing two outside addresses to one internal (DMZ) > > address on the same port (80) in some way. > > Not too diffi

Re: Pix NAT - Two to one [7:37179]

When the two outside addresses are resolved to the single inside address (port 80) everything is OK but when the web server sends back a reply which of the address translations with be used? If the wrong one is picked any firewall will choke on it, and if no firewall, the other end of the connecti

RE: Pix NAT - Two to one [7:37179]

038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: Hire, Ejay [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 3:52 PM To: [EMAIL PROTECTED] Subject: RE: Pix NAT - Two to one [7:37179] On a cisco router, you use the Extendable command. not sure about the pix.

RE: Pix NAT - Two to one [7:37179]

-Original Message- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 3:51 PM To: [EMAIL PROTECTED] Subject: Re: Pix NAT - Two to one [7:37179] Eventually, two separate static commands for two separate outside addresses going to two separate DMZ addresses. At the moment there is just

Re: Pix NAT - Two to one [7:37179]

TLending > New York, NY 10038 > (212) 651 - 7695 Voice > (212) 651 - 7795 Fax > > > > -Original Message- > From: Hire, Ejay [mailto:[EMAIL PROTECTED]] > Sent: Monday, March 04, 2002 3:52 PM > To: [EMAIL PROTECTED] > Subject: RE: Pix NAT - Two to one [7:37179] &

RE: Pix NAT - Two to one [7:37179]

The reply *should* come from the IP that the request arrived at ... ... Thanks! TJ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 05, 2002 12:38 AM To: [EMAIL PROTECTED] Subject: Re: Pix NAT - Two to one [7:37179] When the two outside

PIX - NAT 0 problems this weekend [7:18471]

Last week I talked with some TAC engineers about running NAT 0 on a PIX. This weekend I upgraded a customers site by placing Web servers in a DMZ. For various reasons, I did not want to privately address the web servers and use static translations. Some TAC engineers said there are ongoing discus

Re: PIX - NAT 0 problems this weekend [7:18471]

anks! -g -- The truth shall set you free ...Success is a journey not a destination... George Harper Network Engineer, Sr CCDP, CCNP On Tue, 4 Sep 2001, Bill Carter stated: BC>Date: Tue, 4 Sep 2001 15:55:36 -0400 BC>From: Bill Carter BC>To: [EMAIL PROTECTED] BC>Subject

Re: PIX - NAT 0 problems this weekend [7:18471]

Hi, Very insightful discussion! Does 6.0's NAT 0 0 0 functions better? The benefit of NAT 0 is simple. You use one command to turn off translation. Using static(), you have to enter a CLI for every subnet. if there something like static(inside, outside) 0 0 0? Anybody tried it? Michael Me

Re: PIX - NAT 0 problems this weekend [7:18471]

2001 11:08 PM Subject: Re: PIX - NAT 0 problems this weekend [7:18471] > Hi, > > Very insightful discussion! > > Does 6.0's NAT 0 0 0 functions better? > > The benefit of NAT 0 is simple. You use one command to turn off translation. > Using static(), you have to

Pix NAT Config Question for Current "Secondary" Addresses [7:70635]

Hello, We are in the plans to add a 525 to a customers network which is currently utilizing a 6509 with ACL's for all intra-campus routing and interfacing to the internet. The internet is provided by a special ISP of sorts as it serves connectivity to various school districts in the county. The 65