in
IEOC CCIE Forums

IEOC - INE's Online Community

Welcome to INE's Online Community - IEOC - a place for CCIE and CCENT candidates to connect, share, and learn. Our Online Community features CCIE forums and discussions for all tracks including Routing & Switching, Voice, Security, Service Provider, Wireless,, and Storage. Through these online communities you can discuss your questions with thousands of your peers, hundreds of CCIE's and INE's own team of world renowned CCIE instructors and authors, Brian Dennis - Quintuple CCIE #2210, Brian McGahan – Triple CCIE #8593, Petr Lapukhov - Quad CCIE #16379, and Mark Snow - Dual CCIE #14073.
All Tags » nat (RSS)

Browse Forum Posts by Tags

Showing related tags and posts for the CCIE Security Technical forum. See all tags in the site
  • applying NAT (port-map) on VPN clients

    Hi. I have ASA 9.x with 2 IKEv1 site-to-site VPNs to 2 branches. I have also a web server inside the main office that services the web requests sent to TCP 8080. clients which access this web server are inside the main office as well as the branches. the IP addresses of the branch clients has been assigned...
    Posted to CCIE Security Technical (Forum) by timaz on 11-15-2016
  • ASA 8.2 bidirectional NAT

    HI there. I am trying to build a NAT on ASA 8.2 that supports bidirectional connection for /24 network public address. I see in the documentation that it should be possible by doing this. access-list extended NAT2 permit ip 11.11.0.0 255.255.255.0 9.9.9.0 255.255.0.0 static (in,out) 200.200.9.0 access...
    Posted to CCIE Security Technical (Forum) by ais on 05-05-2015
  • Anyconnect on Andorid connecting to Externally hosted app issue

    Hello All, It would highly appreciated if anyone can help find solution on the below mentioned scenario: We are trying to access few externally hosted applications via anyconnect on the android devices. However, those are not accessible. We can access the internal sites without any issues. We can access...
    Posted to CCIE Security Technical (Forum) by Ameyadh on 12-24-2014
  • IOS Overload NAT can not use reversible

    I was doing the IOS Overload NAT lab. Using Overload is not a problem, the problem arose when I tried to use the reversible keyword next to overload NAT. When I look at the Cisco documentation it is mentioned that the reversible keyword can be used in combination with a route-map. But it does not make...
    Posted to CCIE Security Technical (Forum) by Jacko on 12-15-2014
  • IOS Static NAT routing

    Hello, I was doing lab IOS Static NAT in section 6. When verifying my nat translations from SW1 to R3 there were two EIGRP routes: One via R1 where I configured the nat static and one via R2 where no NAT was configured. It confuses me. My verification traffic went through R2 so no NAT was being performed...
    Posted to CCIE Security Technical (Forum) by Jacko on 12-13-2014
  • Re: Static NAT question

    Hi Rodrigo, I am having issue with NAT. Your explanation was helpful but couldn't resolve the issue I have at hand scratching head. access-list access-private-DMZ extended permit IP 40.40.40.0 255.255.255.0 host 30.30.30.51 eq 8080 access-list access-private-DMZ extended permit IP 40.40.40.0 255...
    Posted to CCIE Security Technical (Forum) by ciscangel on 03-09-2012
  • ios static nat

    Hello Anyone, is there someone who can tell me what the IOS equivalent command is of the ASA static to same ip translation. I.O. static (inside,outside) 136.1.122.12 136.1.122.12 netmask 255.2555.255.255? How do i to this in IOS? Thanks,
    Posted to CCIE Security Technical (Forum) by koppenaald on 05-07-2010
  • Re: ASA, Ver 8.0(4), Static PAT queries

    Regarding 2 > Acording to Configuration guides, the keyword "interface" should be used only when IP is assigned dynamically (DHCP). In this case your addres is assigned manually, so use it explicit. Cheers!
    Posted to CCIE Security Technical (Forum) by pawl0 on 10-19-2009
  • Re: servers on dmz . nat or public ip is better

    You dont have to use NAT if your servers are on the DMZ. You have security levels to contend with and access-lists / MPF to control traffic. You can enable nat on but you are just adding another layer of config/complexity. I think if you have enough IP address space you can use it. One thing does come...
    Posted to CCIE Security Technical (Forum) by Anonymous on 11-11-2008
  • Re: Security volume I VPN section: IPsec HA with NAT and HSRP

    I just finished labbing this up and the output is correct: interface: FastEthernet0/0 Crypto map tag: vpn, local addr. 136.1.234.2 protected vrf: local ident (addr/mask/prot/port): (150.1.2.0/255.255.255.0/0/0) remote ident (addr/mask/prot/port): (150.1.1.0/255.255.255.0/0/0) current_peer: 136.1.234...
    Posted to CCIE Security Technical (Forum) by Anonymous on 11-06-2008
Page 1 of 2 (11 items) 1 2 Next >
IEOC CCIE Forums Internetwork Expert CCIE Training
About IEOC | Terms of Use | RSS | Privacy Policy
© 2010 Internetwork Expert, Inc. All Rights Reserved