Outside Nat - Cisco Catalyst 6500 Series Configuration Manual
Catalyst 6500 series switch and
cisco 7600 series router firewall services
Hide thumbs
Also See for Catalyst 6500 Series:
- Software configuration manual (570 pages) ,
- Configuration note (212 pages) ,
- Installation manual (194 pages)
Table of Contents
Advertisement
NAT Overview
static NAT translation that translates the local address only for traffic to and from the 209.165.201.0/27
network. A translation does not exist for the 209.165.200.224/27 network, so the local host cannot
connect to that network, nor can a host on that network connect to the local host.
Figure 9-5
209.165.202.129
Policy NAT does not support SQL*Net, but it is supported by regular NAT. See the
Note
Overview" section on page 13-1
The number of access control entries (ACEs) used in policy NAT statements is limited. See the
Note
"Maximum Number of ACEs" section on page 10-7
rules.
Outside NAT
When hosts on a lower security interface (outside) access hosts on a higher security interface (inside),
you do not have to perform NAT on the outside hosts. (See the
page 6-6
outside interfaces so that the outside host address is translated. Because the inside host is also typically
translated using a static NAT statement, both host addresses are translated.
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
9-10
Policy Static NAT with Destination Address Translation
209.165.201.11
209.165.201.0/27
Dest. Addr Translation
10.1.2.27
for more information about security levels.) You can, however, optionally configure NAT on
209.165.200.225
209.165.200.224/27
DMZ
FWSM
Inside
10.1.2.0/24
10.1.2.27
for information about NAT support for other protocols.
for information about limits on certain types of
Chapter 9
Configuring Network Address Translation
No Translation
"Inspection Engine
"Configuring Interfaces" section on
OL-6392-01
Advertisement
Table of Contents
Troubleshooting
