RE: [fw-wiz] PIX Firewall, Help with nemask use in NAT and Global comands

From: Victor Williams (vbwilliams_at_essvote.net)
Date: 05/07/04

Next message: Paul D. Robertson: "Re: [fw-wiz] Worms, Air Gaps and Responsibility"

Previous message: Devdas Bhagat: "Re: [fw-wiz] Worms, Air Gaps and Responsibility"
In reply to: Melson, Paul: "RE: [fw-wiz] PIX Firewall, Help with nemask use in NAT and Global comands"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "'Melson, Paul'" <PMelson@sequoianet.com>, "'Adel Guia Cruz'" <aguia@fifomi.gob.mx>, <firewall-wizards@honor.icsalabs.com>
Date: Fri, 7 May 2004 08:26:55 -0500

I think what he wants is (in additional to the global command):

nat (inside) 1 192.168.10.10 netmask 255.255.255.255 0 0

Victor Williams

-----Original Message-----
From: firewall-wizards-admin@honor.icsalabs.com
[mailto:firewall-wizards-admin@honor.icsalabs.com] On Behalf Of Melson, Paul
Sent: Friday, May 07, 2004 7:57 AM
To: Adel Guia Cruz; firewall-wizards@honor.icsalabs.com
Subject: RE: [fw-wiz] PIX Firewall, Help with nemask use in NAT and Global
comands

For PAT for outbound browsing, use:

global (outside) 1 interface

For your one-to-one NAT, you would typically use:

static (inside,outside) 190.190.190.195 192.168.10.10 netmask
255.255.255.255 0 0

But I'm not sure I understand your question or your objection to using
'static'. Are you saying that you want a public IP address outside the
firewall to appear as an IP address on the local subnet?

PaulM

> -----Original Message-----
> I want to translate only one IP address from inside, for
> example 192.168.10.10, to one IP address from outside
> 190.190.190.195, so static NAT from inside to outside will be
> perform. I no want to use the static command because the
> translation is from inside to outside.
>
> Inside -----------------NAT------------------> Outside
> Host 192.168.10.10------NAT--------------> 190.190.190.195
_______________________________________________
firewall-wizards mailing list firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Next message: Paul D. Robertson: "Re: [fw-wiz] Worms, Air Gaps and Responsibility"

Previous message: Devdas Bhagat: "Re: [fw-wiz] Worms, Air Gaps and Responsibility"
In reply to: Melson, Paul: "RE: [fw-wiz] PIX Firewall, Help with nemask use in NAT and Global comands"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]