102 ServerIron ADX Security Guide
53-1002440-03
Configuring NAT
4
ServerIronADX(config)# interface ethernet 1/1
ServerIronADX(config-if-e1000-1/5) ip address 30.30.0.1 255.255.0.0
ServerIronADX(config-if-e1000-1/5) ip nat outside
The following command creates a pool of IP NAT addresses from 15.15.15.15 to 15.15.15.25
named p1.
ServerIronADX(config)# ip nat pool p1 15.15.15.15 15.15.15.25 prefix-len 24
An ACL is created to permit traffic from inside hosts in the 20.20.0.0 network as shown.
ServerIronADX(config)# access-list 1 permit 20.20.0.0 0.0.255.255
The following command ties the inside source list defined in ACL “1” to the pool named “p1” and
enables PAT to send traffic out the interface defined as “outside”.
ServerIronADX(config)# ip nat inside source list 1 pool p1
Static NAT configuration example
The following examples describe how to configure a Static NAT configuration for Inside to Outside
and Outside to Inside translation for the example shown in Figure8.
FIGURE 8 Example of a static NAT configuration using router code
Configured for inside to outside translation
In the following example, the ServerIron ADX is configured to translate the local host IP address
20.20.5.6 to the unique global address 15.15.15.15.
This example requires that Interfaces 1/5 and 1/1 be configured as Inside and Outside interfaces
respectively as shown.
ServerIronADX(config)# interface ethernet 1/5
ServerIronADX(config-if-e1000-1/5) ip address 20.20.50.1 255.255.0.0
ServerIronADX(config-if-e1000-1/5) ip nat inside
Remote Server
Internet
Inside Interface
Outside Interface
1/1
1/5
Global IP address: 15.15.15.15
Local IP address: 20.20.5.6
SI