PAT/NAT ACL configuration question

Discussion in 'Cisco' started by pbass83, May 6, 2008.

  1. pbass83

    pbass83 Guest

    Hi everyone,
    I setup a PAT overload on a 2611 router to allow some workstations
    internet access. I also want to setup a static NAT for a web/ftp
    server. Is it possible to do both simultaneously without opening up
    pbass83, May 6, 2008
    1. Advertisements

  2. pbass83

    News Reader Guest


    The following is not a complete configuration; just some ACLs:

    ip access-list extended nat-src
    remark --- Inside source addresses dynamically translated via PAT
    permit ip any

    ip nat inside source list nat-src interface Ethernet1 overload

    ip nat inside source static tcp 21 interface Ethernet1 21
    ip nat inside source static tcp 80 interface Ethernet1 80

    Typically, you'd use an ACL on the inside interface to address outbound
    traffic, with inspection to facilitate the return path.

    Likewise, you'd use an ACL on the outside interface to address inbound
    traffic (i.e.: to your server), with inspection to facilitate the return

    Best Regards,
    News Reader
    News Reader, May 7, 2008
    1. Advertisements

  3. pbass83

    pbass83 Guest

    News Reader,
    Thanks very much for the advice. I

    pbass83, May 17, 2008
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.