Firewall Wizards mailing list archives

PIX Firewall, Help with nemask use in NAT and Global comands

From: Adel Guia Cruz <aguia () fifomi gob mx>
Date: Thu, 6 May 2004 20:30:58 -0500

I´m new in PIX firewall and I have a question about how to use netmask in
Nat and Global commands.
 
PIX506E
 
inside interface 192.168.10.1  MASK 255.255.255.0
outside interface 190.190.190.192  MASK 255.255.255.224
 
I want to translate only one  IP address from inside, for example
192.168.10.10,  to one IP address from outside 190.190.190.195, so static
NAT from inside to outside will be perform. I no want to use the static
command because the translation is from inside to outside.
 
Inside -----------------NAT------------------> Outside
Host 192.168.10.10------NAT--------------> 190.190.190.195
 
What mask to use in the NAT command to indicate only one IP?
 
The mask that indicate a HOST:
Nat (inside) 1 192.168.10.10 mask 255.255.255.255
 
Or the same mask as the inside interface
Nat (inside) 1 192.168.10.10 mask 255.255.255.0
 
What mask to use in the Global command ?
 
The mask that indicate a HOST:
Global (outside) 1 190.190.190.195 netmask 255.255.255.255
 
Or the same mask as the outside interface
Global (outside) 1 190.190.190.195 nemask 255.255.255.224
 
 
Thanks for the HELP
 
 
 
 
 
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

PIX Firewall, Help with nemask use in NAT and Global comands Adel Guia Cruz (May 06)
- Re: PIX Firewall, Help with nemask use in NAT and Global comands Luke Butcher (May 07)
- <Possible follow-ups>
- RE: PIX Firewall, Help with nemask use in NAT and Global comands Melson, Paul (May 07)
  - RE: PIX Firewall, Help with nemask use in NAT and Global comands Victor Williams (May 07)