I think the config is too complex for what it (seems) needs to do. If you used PDM, you also can start over from scratch, think you rules over hard, draw a map with all the interfaces and subnets.
What is the propose of these rules (nat 2 / glob 2 ) together? is there some mail/www server sitting on those /32 ip's? global (outside) 2 213.213.128.50 nat (inside) 2 157.157.144.49 255.255.255.255 0 0 nat (inside) 2 10.100.0.0 255.255.0.0 0 0 >From my point of view is what you are doing in nat 0 / nat 1 glob 1 / nat 2 glob 2 doable with nat 0 / nat1 glob 1. Take a hard look at access-list 100. Martijn -----Oorspronkelijk bericht----- Van: Skarphedinsson Arni V. [mailto:[EMAIL PROTECTED] Verzonden: maandag 18 augustus 2003 15:52 Aan: [EMAIL PROTECTED] Onderwerp: RE: PIX xlate question [7:74012] Here are the Global and NAT statements global (outside) 1 213.213.128.100-213.213.128.200 global (outside) 2 213.213.128.50 global (dmz) 1 192.168.17.150 nat (inside) 0 access-list 100 nat (inside) 2 157.157.144.49 255.255.255.255 0 0 nat (inside) 2 10.100.0.0 255.255.0.0 0 0 nat (inside) 1 0.0.0.0 0.0.0.0 0 0 nat (dmz) 1 0.0.0.0 0.0.0.0 0 0 **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74150&t=74012 -------------------------------------------------- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
