Name: Cisco Catalyst 6500 Series
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

9-22

Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide

OL-6392-01

Chapter 9 Configuring Network Address Translation

Using Dynamic NAT and PAT

NAT ID (see Figure 9-13). Note that for outside NAT (DMZ interface to Inside interface), the inside host

uses a static NAT statement to allow outside access, so both the source and destination addresses are

translated.

Figure 9-13 Outside NAT and Inside NAT Combined

See the following commands for this example:

FWSM/contexta(config)# nat (dmz) 1 10.1.1.0 255.255.255.0 outside

FWSM/contexta(config)# nat (dmz) 1 10.1.1.0 255.255.255.0

FWSM/contexta(config)# static (inside,dmz) 10.1.2.27 10.1.1.5 netmask 255.255.255.255

FWSM/contexta(config)# global (outside) 1 209.165.201.3-209.165.201.4

FWSM/contexta(config)# global (inside) 1 10.1.2.30-1-10.1.2.40

Outside

DMZ

Inside

Global 1: 209.165.201.3-

209.165.201.10

Global 1: 10.1.2.30-

10.1.2.40

Static to DMZ: 10.1.2.27 10.1.1.5

Outside NAT 1: 10.1.1.0/24

NAT 1: 10.1.1.0/24

10.1.1.15

10.1.2.27

Source Addr Translation

209.165.201.410.1.1.15

Source Addr Translation

10.1.2.3010.1.1.15

Dest. Addr Translation

10.1.2.2710.1.1.5

114998

Cisco Catalyst 6500 Series User Manual

Other manuals for Cisco Catalyst 6500 Series