PIX overlapping static commands

Discussion in 'Cisco' started by atif, Jan 31, 2005.

  1. atif

    atif Guest

    Hello all,
    I would like to know if I can configure static commands with
    overlapping addresses and it works. For e.g. if I have an address that
    is already covered in a net static statement like:

    static (inside,outside) 192.168.10.0 192.168.10.0 netmask 255.255.255.0
    0 0

    but for one specific host I would like to specify the number of
    connections that this host can open by:

    static (inside,outside) 192.168.10.50 192.168.10.50 netmask
    255.255.255.255 500 0

    After putting the second statement, it is noticed that PIX would take
    it with a warning/error of overlapping addresses but won't take the
    "netmask" keyword. But how would I make sure that it is actually using
    my second statement for this particular host???

    Has anyone tried this before. Please let me know your experience.
    Thanks in advance.

    Atif
     
    atif, Jan 31, 2005
    #1
    1. Advertising

  2. In article <>,
    atif <> wrote:
    :I would like to know if I can configure static commands with
    :eek:verlapping addresses and it works. For e.g. if I have an address that
    :is already covered in a net static statement like:

    :static (inside,outside) 192.168.10.0 192.168.10.0 netmask 255.255.255.0 0 0

    :but for one specific host I would like to specify the number of
    :connections that this host can open by:

    :static (inside,outside) 192.168.10.50 192.168.10.50 netmask 255.255.255.255 500 0

    Not on the PIX. The PIX has a requirement that the IPs you use
    in a static cannot be implicitly or explicitly used in any other
    context that assigns a definite translation. There are some things
    you can do with policy translations to override this.

    --
    Rump-Titty-Titty-Tum-TAH-Tee -- Fritz Lieber
     
    Walter Roberson, Jan 31, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Nate Smith
    Replies:
    2
    Views:
    545
    Hugo Drax
    Oct 21, 2003
  2. Oleg Tipisov
    Replies:
    0
    Views:
    852
    Oleg Tipisov
    Aug 10, 2004
  3. Julie
    Replies:
    5
    Views:
    1,609
    Jean-Michel Kaiser
    Dec 19, 2004
  4. Nieuws Xs4all
    Replies:
    0
    Views:
    643
    Nieuws Xs4all
    May 26, 2005
  5. jamdatadude
    Replies:
    3
    Views:
    643
Loading...

Share This Page