开发者

Cisco pix command - whats this command mean?

开发者 https://www.devze.com 2022-12-28 10:49 出处:网络
Anyone know what the following means?I have these two lines in our cisco PIX configuration file but have no references to these IP\'开发者_Go百科s anywhere else in the config and cantfind a device on

Anyone know what the following means? I have these two lines in our cisco PIX configuration file but have no references to these IP'开发者_Go百科s anywhere else in the config and cant find a device on the network with them.

global (inet) 10 213.228.xxx.xx

global (inet) 20 213.228.xxx.xx

thanks, Jason

(BTW: I've xxx'ed out the remainder of the ip for security :-0 )


The global and nat commands are used to define NAT pools for dynamic NAT. In this instance if you had a command like:

nat (inside) 10 192.168.100.0 255.255.255.0

Then all traffic from the network would be translated to whatever address is specified in the command:

global (inet) 10 213.228.xxx.xx

Looking at what you posted, it looks like your implementation has 2 different outgoing addresses based on what subnet the traffic comes from.


You are applying a global NAT(PAT) or better yet Dynamic NAT 213.228.x.x '10' to the specified interface id

So inet is the interface traffic is NAT'd against. And by specifying the following you are saying all from (inside) 10.x.x.x going out (inet) will be NAT'd to 213.228.x.x as per policy '10'.

global (inet) 10 x.x.x.x
global (inet) 20 x.x.x.x

nat (inside) 10 192.168.100.x
nat (inside) 20 192.168.101.x

Hope that helps

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号