pix nat

Discussion in 'Cisco' started by ozgurklc@gmail.com, Jun 5, 2006.

  1. Guest

    Hello All,

    Our network is
    pix inside 10.112.2.241
    pix outside 192.168.0.1


    Adsl Modem 192.168.0.2


    Our local ip grup 10.112.x.x. I want to make nat to acces 10.2.2.2 with

    23 port.
    How can i do? or second way How can i define local ip to iincoming
    connection likely windows rras?


    Best Regards
    Özgür


    Cevapla »


    Gönderen: Walter Roberson - profili göster
    Tarih: Cuma 2 Haziran 2006 20:54
    E-posta: (Walter Roberson)
    Gruplar: comp.dcom.sys.cisco
    Henüz derecelendirilmemisSiniflama:
    seçenekleri göster


    Cevapla | Yazara Cevap Ver | Ilet | Yazdir | Sadece Mesaj | Aslini
    göster | Kötüye Kullanimi Bildir | Bu yazarin mesajlarini bul


    In article <>,


    <> wrote:
    >Our network is
    >pix inside 10.112.2.241
    >pix outside 192.168.0.1
    >Adsl Modem 192.168.0.2
    >Our local ip grup 10.112.x.x. I want to make nat to acces 10.2.2.2 with
    >23 port.
    >How can i do?



    Is 10.2.2.2 inside or outside the network? If it is inside the
    network, then you will need an internal router because 10.2.2.2
    is not in the same subnet as your inside interface 10.112.2.241 .
    You would need a 'static' command, and you would need a 'route'
    command,
    and you would need to alter the access-list that you have applied
    to the outside interface by using the access-group command.

    If 10.2.2.2 is outside your network, then as you want to use NAT to
    access the address, we need to know whether 10.2.2.2 is the form of
    the IP that internal users are to use to reach the outside resource,
    or if 10.2.2.2 is the outside IP and you want the internal users to
    use some other IP to access it ?



    >or second way How can i define local ip to iincoming
    >connection likely windows rras?



    Sorry, please rephrase the question indicating where each
    part is relative to the other parts and which IP you are trying to use
    to access what.

    Cevapla » Bu gönderiyi degerlendirin Text for clearing space


    Gönderen: - profili göster
    Tarih: Ptesi 5 Haziran 2006 09:40
    E-posta:
    Gruplar: comp.dcom.sys.cisco
    Henüz derecelendirilmemisSiniflama:
    seçenekleri göster


    Cevapla | Yazara Cevap Ver | Ilet | Yazdir | Sadece Mesaj | Aslini
    göster | Kaldir | Kötüye Kullanimi Bildir | Bu yazarin
    mesajlarini bul


    Hi Thank you for you help,
    The route command has exciced in configuration.
    -- route inside 10.2.22 255.255.255.255 10.112.2.254. 1

    10.112.2.254 is a cisco router.


    What can I do?


    Regards
     
    , Jun 5, 2006
    #1
    1. Advertising

  2. In article <>,
    <> wrote:

    >>E-posta: (Walter Roberson)


    >>Is 10.2.2.2 inside or outside the network? If it is inside the
    >>network, then you will need an internal router because 10.2.2.2
    >>is not in the same subnet as your inside interface 10.112.2.241 .
    >>You would need a 'static' command, and you would need a 'route'
    >>command,
    >>and you would need to alter the access-list that you have applied
    >>to the outside interface by using the access-group command.


    >The route command has exciced in configuration.
    >-- route inside 10.2.22 255.255.255.255 10.112.2.254. 1


    >What can I do?


    Well, like I wrote, you need a static command and you need
    to alter the access-list that you have applied to the outside
    interface by using the access-group command.

    The Cisco PIX online documentation has numerous examples.
     
    Walter Roberson, Jun 6, 2006
    #2
    1. Advertising

  3. Guest

    Thank you Roberson ,

    Yes I have add but telnet command does not work because the internet ip
    should be local ip. For example 85.141.XX.XX ip should 10.X.X.X .

    What can i do?

    Best Regrads

    Walter Roberson wrote:
    > In article <>,
    > <> wrote:
    >
    > >>E-posta: (Walter Roberson)

    >
    > >>Is 10.2.2.2 inside or outside the network? If it is inside the
    > >>network, then you will need an internal router because 10.2.2.2
    > >>is not in the same subnet as your inside interface 10.112.2.241 .
    > >>You would need a 'static' command, and you would need a 'route'
    > >>command,
    > >>and you would need to alter the access-list that you have applied
    > >>to the outside interface by using the access-group command.

    >
    > >The route command has exciced in configuration.
    > >-- route inside 10.2.22 255.255.255.255 10.112.2.254. 1

    >
    > >What can I do?

    >
    > Well, like I wrote, you need a static command and you need
    > to alter the access-list that you have applied to the outside
    > interface by using the access-group command.
    >
    > The Cisco PIX online documentation has numerous examples.
     
    , Jun 6, 2006
    #3
  4. In article <>,
    <> wrote:

    >Thank you Roberson ,


    Please don't top-post: it makes it harder to follow the discussion,
    and I have to manually edit your response into a better format in
    order for my reply to be coherent.

    [Also, Roberson is my family name, not my given name. If you are going
    to refer to me by my family name, at least use lower-case, roberson
    instead of Roberson, so that I can pretend you are extracting from my
    email address.]


    >Best Regrads
    >
    >Walter Roberson wrote:
    >> In article <>,
    >> <> wrote:


    >> >>E-posta: (Walter Roberson)

    >>
    >> >>Is 10.2.2.2 inside or outside the network?


    >> >-- route inside 10.2.22 255.255.255.255 10.112.2.254. 1


    >> Well, like I wrote, you need a static command and you need
    >> to alter the access-list that you have applied to the outside
    >> interface by using the access-group command.


    >Yes I have add but telnet command does not work because the internet ip
    >should be local ip. For example 85.141.XX.XX ip should 10.X.X.X .


    Well, like I wrote, you need a static command, and you need
    to alter the access-list that you have applied to the outside
    interface by using the access-group command.

    >> The Cisco PIX online documentation has numerous examples.


    >What can i do?


    Well, like I wrote, the Cisco PIX online documentation has numerous
    examples.

    Have you read the Cisco PIX documentation? Have you examined the
    PIX examples for using a server with NAT? Have you attempted a
    configuration based upon those examples and had the configuration fail?
    If so then post the configuration you tried and we will have a look.


    If you had answered my earlier questions, this all could have been
    resolved days ago. It is difficult to be of assistance to someone
    who does not answer clarifying questions, and who says that previous
    advice was incorrect, citing some fact that had never previously been
    mentioned but which had been asked about. As long as your questions
    are vague and incomplete, my answers have to be vague and incomplete.
     
    Walter Roberson, Jun 6, 2006
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Michael Gorsuch

    Pix-to-Pix VPN - BOTH BOXES BEHIND NAT!!!

    Michael Gorsuch, Oct 23, 2003, in forum: Cisco
    Replies:
    1
    Views:
    1,710
    Walter Roberson
    Oct 24, 2003
  2. Oleg Tipisov

    PIX Policy NAT: order of NAT commands

    Oleg Tipisov, Aug 12, 2004, in forum: Cisco
    Replies:
    4
    Views:
    8,964
    Walter Roberson
    Aug 13, 2004
  3. Jose Ros

    Pix to Pix tunnel through NAT

    Jose Ros, Oct 19, 2004, in forum: Cisco
    Replies:
    6
    Views:
    2,038
    an admin too
    Oct 21, 2004
  4. Jose
    Replies:
    3
    Views:
    2,005
  5. Matthew Melbourne
    Replies:
    2
    Views:
    7,436
    Matthew Melbourne
    Feb 12, 2005
Loading...

Share This Page