Sunday, January 3, 2010

Types of NAT on Cisco PIX 525 using Version 8.0






In the network above I have used 5 routers and different types of NAT. Check the configuration of the firewall below. The rest of the IP addressing is given in the diagram.


PAT tracking for any source


nat (inside) 1 0.0.0.0 0.0.0.0
global (outside) 1 interface
 
Dynamic NAT:
 
nat (inside) 2 192.168.20.0 255.255.255.0

global (outside) 2 192.168.1.20-192.168.1.30 netmask 255.255.255.0


Identity NAT:

nat (inside) 0 192.168.30.0 255.255.255.0


Static NAT:
 
static (inside,outside) 192.168.1.60 192.168.40.2 netmask 255.255.255.255
 
Outside Interface:
 
interface Ethernet1
 nameif outside
 security-level 0
 ip address dhcp setroute


Inside Interface:
 
interface Ethernet0
 nameif inside
 security-level 100
 ip address 192.168.100.2 255.255.255.0

Routes:
 
route outside 0.0.0.0 0.0.0.0 192.168.1.1 1

route inside 192.168.0.0 255.255.0.0 192.168.100.1 1

Access-lists:

access-list outside_to_inside extended permit tcp any host 192.168.1.60 eq telnet

access-list outside_to_inside extended permit icmp any any echo-reply

Applied on:

access-group outside_to_inside in interface outside


Checking translation for each type of translation:

debug icmp trace
show conn
show xlate

Note: There are more options for the above commands, so explore them yourself.
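
Before checking with show xlate, the expected translation for an inside host can be worked out from the nat, global and static lines themselves. The Python sketch below is an added example, not part of the original post: it assumes the pre-8.3 PIX/ASA evaluation order (static entries first, then the best-matching nat statement, with nat 0 identity NAT included in that match), and the names parse and classify are hypothetical.

```python
import ipaddress

# The translation commands from this page, copied verbatim.
CONFIG = """\
nat (inside) 1 0.0.0.0 0.0.0.0
global (outside) 1 interface
nat (inside) 2 192.168.20.0 255.255.255.0
global (outside) 2 192.168.1.20-192.168.1.30 netmask 255.255.255.0
nat (inside) 0 192.168.30.0 255.255.255.0
static (inside,outside) 192.168.1.60 192.168.40.2 netmask 255.255.255.255
"""

def parse(config):
    """Return (statics, nats, pools) parsed from static/nat/global lines."""
    statics, nats, pools = [], [], {}
    for line in config.splitlines():
        f = line.split()
        if not f:
            continue
        if f[0] == "static":    # static (ifs) mapped_ip real_ip netmask mask
            statics.append((ipaddress.ip_network(f"{f[3]}/{f[5]}"), f[2]))
        elif f[0] == "nat":     # nat (if) nat_id network mask
            nats.append((ipaddress.ip_network(f"{f[3]}/{f[4]}"), int(f[2])))
        elif f[0] == "global":  # global (if) nat_id {interface | ip | start-end}
            pools[int(f[2])] = f[3]
    return statics, nats, pools

def classify(src, config=CONFIG):
    """Predict how an inside source address is translated going outside."""
    statics, nats, pools = parse(config)
    ip = ipaddress.ip_address(src)
    for real, mapped in statics:            # assumption: static checked first
        if ip in real:
            return ("static", mapped)
    matches = [(net, nid) for net, nid in nats if ip in net]
    if not matches:
        return ("no translation rule", None)
    net, nid = max(matches, key=lambda m: m[0].prefixlen)  # best match wins
    if nid == 0:
        return ("identity", src)            # nat 0 leaves the address unchanged
    pool = pools.get(nid)
    if pool is None:
        return ("no global for nat id %d" % nid, None)
    # An address range is a dynamic NAT pool; "interface" or one address is PAT.
    return ("dynamic", pool) if "-" in pool else ("pat", pool)

if __name__ == "__main__":
    for host in ("192.168.40.2", "192.168.30.7", "192.168.20.7", "192.168.50.7"):
        print(host, classify(host))
```

Comparing this prediction with the show xlate output for the same hosts shows quickly whether a host is falling through to the catch-all PAT rule instead of the rule intended for it.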