GroupStudy.com - CCIE, CCNA, CCNP and other Cisco Certifications

Home

BookStore

StudyNotes

Links

[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]

Subject: Re: NAT\Alias
From: "James" <james@xxxxxxxxxxxxxxx>
Date: Wed, 4 Dec 2002 15:19:42 +0200
References: <20021204035049.DE5498AED8@xmxpita.excite.com>

Here is a nice link with 2 examples.

http://www.cisco.com/warp/public/110/alias.html

Thanks

James


----- Original Message -----
From: "Jim" <systemboard@xxxxxxxxxx>
To: <security@xxxxxxxxxxxxxx>
Sent: Wednesday, December 04, 2002 5:50 AM
Subject: RE: NAT\Alias


> Since Justin brings up the alias command can someone explain the alias
command with a real example?  I have read about alias on CCO and the
explanation does not register.  I was under the impression the alias command
had to do with not running DNS on an internal network and having illegal
addressing on the inside.
>
> Confused.
>
> JT
>
>
>  --- On Tue 12/03, Justin Menga  wrote:From: Justin Menga [mailto:
Justin.Menga@xxxxxxxxxxxxxx]To: Brian.Ritchie@xxxxxxxxxxx,
security@xxxxxxxxxxxxxxxxxx: Wed, 4 Dec 2002 15:00:37 +1300 Subject: RE:
NAT'ing based on source AND destinationHi,
>
> You can use the alias command for this.
>
> Regards,
> Justin
>
> -----Original Message-----
> From: Ritchie, Brian [mailto:Brian.Ritchie@xxxxxxxxxxx]
> Sent: Wednesday, December 04, 2002 5:23 AM
> To: 'security@xxxxxxxxxxxxxx'
> Subject: NAT'ing based on source AND destination
>
>
> Hello all,
>
> Is there any way on a pix to perform NAT based on source AND destination ?
>
> For example, my internal network is 10.1.1.0/24 and I PAT all clients
> leaving the internal network using the external interface IP address.
> However, when an internal client wants to connect to a specific internet
> host x.x.x.x I want to NAT to a different IP in my public address space.
>
> I am aware of associating a nat rule with an access-list, but this is only
> possible if you dont want to nat for VPN's etc (ie nat (inside) 0).
>
> I've looked around and cant find any examples of how to do this, although
I
> have seen it done on other firewall implementations, using Checkpoint for
> example.
>
> Any help or work arounds are greatly appriciated.
>
> FYI ...... I am using software version 6.1(4) and dont have any other
> devices to perform further NATing above or below the firewall.
>
> Thanks in advance, Brian
>
>
> This e-mail and any files transmitted with it are intended solely for the
> addressee and are confidential. They may also be legally privileged.
> Copyright in them is reserved by Delphis Consulting PLC ["Delphis"] and
they
> must not be disclosed to, or used by, anyone other than the addressee.
>
> If you have received this e-mail and any accompanying files in error, you
> may not copy, publish or use them in any way and you should delete them
from
> your system and notify us immediately.
>
> E-mails are not secure.  Delphis does not accept responsibility for
changes
> to e-mails that occur after they have been sent.
>
> Any opinions expressed in this e-mail may be personal to the author and
may
> not necessarily reflect the opinions of Delphis.
>
>
> _______________________________________________
> Join Excite! - http://www.excite.com
> The most personalized portal on the Web!

References:
- RE: NAT\Alias
  - From: Jim

Prev by Date: RE: NAT\Alias
Next by Date: RE: NAT\Alias
Previous by thread: RE: NAT\Alias
Next by thread: Cat 6k IOS/CatOS
Index(es):
- Date
- Thread