Hi guys,
I'm implementing NAT rules on my PIX 525 ( 6.3.(4) ). I'd like to know whether NAT 0 is done before or after static (intf1, intf2) .....
I created a NAT 0 rule using nested group both for source and destinations. For same combination of source /destinations I would want to override that rule doing a specific static NAT. Is it possible?
Or must I remove those particular combinations from NAT 0?
TIA,
Alex.
Check this page out -
The short answer to your question is, the static will tke precedence over the NAT.
-K
===
Hi guys,
I'm implementing NAT rules on my PIX 525 ( 6.3.(4) ). I'd like to know whether NAT 0 is done before or after static (intf1, intf2) .....
I created a NAT 0 rule using nested group both for source and destinations. For same combination of source /destinations I would want to override that rule doing a specific static NAT. Is it possible?
Or must I remove those particular combinations from NAT 0?
TIA,
Alex.
The order of operations for PIX 6.3 is given a couple of times in the reference manual, such as under the 'static' command.
If you have a flow designated via nat 0 access-list then other kinds of nat/static will not be checked for anything that matches that flow.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.