Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Global Command on inside and dmz

Status
Not open for further replies.
marhoul

marhoul

IS-IT--Management
Jun 10, 2002
28
AU
I understand why I use a Global command on the outside interface (to use PAT and therefore keep the ip address of inside machines secret and thus the topology of the net) but why would you use them on the dmz or inside interface?

I noticed when I upgraded to ver 6.2(1) that one of the fixes / additions was to allow global on the inside iterface.

Any ideas?

Thanks,

Mark
 
Sort by date Sort by votes
HI.

I guess it is to allow NAT/PAT in the reverse direction, for example a branch office or partner net is connected to a 3rd interface on pix, and you want to NAT/PAT in both directions, instead of using nat 0 or nat only from inside.

But this is my guess, I didn't read nor test it.

Bye
Yizhar Hurwitz
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
696
Sameer258
Sameer258
jim_bmx
  • Locked
  • Question
sh proxy command
Replies
0
Views
600
jim_bmx
jim_bmx
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
526
nnaarrnn
nnaarrnn
sudhakar346
  • Locked
  • Question
Cisco ASA inside to DMZ issue over public IP
Replies
2
Views
157
kythri
kythri
Nitta84
  • Locked
  • Question
navigation slow and tcp syc/ack drop
Replies
0
Views
460
Nitta84
Nitta84

Part and Inventory Search

Sponsor

Back
Top