Skip navigation
Cisco Learning Home > Certifications > CCIE Security > Discussions

_Communities

666 Views 1 Reply Latest reply: Mar 3, 2012 8:19 PM by Kingsley - CCSP/CCIP/ CCNP/CCIE Security RSS

Currently Being Moderated

Icmp type and Policy-nat

Mar 3, 2012 4:19 PM

Dr. RDX 271 posts since
May 25, 2009

Task requires to configure policy nat for ping request from PCA to ServerB Having ASA in between

 

PCA = 1.1.1.1

ServerB - 2.2.2.2

 

My solution:

access-list extended natentry permit icmp host 1.1.1.1 host 2.2.2.2 echo

 

nat (inside) 1 access-list natentry

global (outside) 1 2.2.2.10

 

End Result = Doesnt works

 

 

Another Solution:

access-list extended natentry permit icmp host 1.1.1.1 host 2.2.2.2

 

nat (inside) 1 access-list natentry

global (outside) 1 2.2.2.10

 

End Result = Works

 

Why is it not working when I have narrowed the ACL down to echo because I want NAT to be done once PCA issues echo request and not the entire of icmp types .

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)