static nat between phisical interface and virtual interface on same ethernet

Discussion in 'Cisco' started by Andrea, Apr 19, 2004.

  1. Andrea

    Andrea Guest

    Hi everybody,

    I have configured 2 DMZ zone on the same ethernet using 2 VLANs, one
    is a phisical interface and the other is a virtual interface. The
    first dmz (DMZ1) use public IPs while the second (DMZ2) use private
    IPs.

    Hosts in the DMZ2 can access outside withoug problem usign dynamic nat
    but can't access the DMZ1 hosts. The error message is

    %PIX-3-305005: No translation group found for udp src DMZ2:host/port
    dst DMZ1:host/port

    I configured a static nat with following line:

    static (DMZ2,DMZ1) 192.168.1.0 192.168.1.0 netmask 255.255.255.0 0 0

    It seems this rule is never matched. I would like hosts inside DMZ2 to
    access DMZ1 without a real nat but using they original ip address as
    is for hosts in the INSIDE interface.

    Where I am wrong? is it possible to do such a nat between phisical and
    virtual interfaces?

    TIA,

    AV
     
    Andrea, Apr 19, 2004
    #1

    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.
Similar Threads

  1. large delay between computer and 4006 ethernet interface

  2. Can 803 (ISDN-ethernet) work ethernet-ethernet?

  3. Using NAT and several public IP on the same ethernet interface

  4. NAT overload with some static NAT's and a block public IP's

  5. policy nat and static NAt

  6. PIX and Windows 2003 - NAT and IPSEC on the same interface

  7. WOW64 and Actual Phisical RAM Usage

  8. 2 static NATs work. 3rd static NAT doesn't.

Loading...