You combine the following commands in 8.2 code, in 8.3+ we are just using a NAT command
- nat
- global
- static
Global NAT for internet access
nat all 10.0.0.0/24 traffic from inside to NAT ID "1"
nat (inside) 1 10.0.0.0 255.255.255.0
On NAT ID "1" nat all traffic behind the outside interface
global (outside) 1 interface
Static nat for giving a server a public IP
static (inside,outside) 100.100.100.10 192.168.1.100
access-list 100 permit tcp any host 100.100.100.10 eq https
access-group 100 in interface outside
Create ACL to match traffic to be NAT'd for nat hide for VPN
access-list policy-nat extended permit ip 172.16.1.245 255.255.255.255 213.168.225.149 255.255.255.255
access-list policy-nat extended permit ip 172.16.1.245 255.255.255.255 217.114.160.101 255.255.255.255
Nat traffic matched with the ACL to NAT ID "2"
nat (public) 2 access-list policy-nat
Define what IP NAT id "2" should be nat'd to on the outside interface
global (outside) 2 172.16.1.242
select traffic, nat, define what IP to nat to 🤷
No comments:
Post a Comment