PIX 506 NAT/PAT

[ChrisAC]

I've got a couple of PIX 506 firewalls to play with before I do a PIX course in January! I'm trying to set up a basic config and I've got a little problem that I'm hoping someone can help me with!

I've set up the IP address of the outside interface with a live IP address and the inside interface with a 192.168.x.x address. I'm trying to set up NAT/PAT to use the external interface of the firewall. I've entered the command

isg_PIX506(config)# nat (inside) 1 0 0

to enable NAT for the inside network. I've then tried to enable PAT using

isg_PIX506(config)# global (outside) 1

http://www.xxx.yyy.zzz

netmask 255.255.255.252

but I get the message back

Start and end addresses overlap with outside interface address
isg_PIX506(config)#

I want to use the IP address of the outside interface but it won't let me!

Am I missing something?

Chris.
********************************
Chris Andrew, CCNA
Technical Support Engineer
********************************

 

[ChrisAC]

I've figured it out! To use the external interface for NAT/PAT you need software version 5.2 or higher! We only have 5.1.

Now I have to try and get a Cisco CCO logon to download the latest version! That's proving more difficult!

Chris.
********************************
Chris Andrew, CCNA
Technical Support Engineer
********************************

 

[gbiello]

Can you post your e-mail address?

 

[ChrisAC]

May I ask why? ********************************
Chris Andrew, CCNA
Technical Support Engineer
********************************

 

[gbiello]

I can help with your upgrade problem "that's proving more difficult!"

 

[ChrisAC]

Actually, it's sorted now! One of out infrastructure guys e-mailed me version 6.1.1, so I'll stick that on tomorrow. I would have done it today but we're having a hardware audit! They want to check our laptops for any "unlicenced software" Ha Ha!!

Thanks anyway!!

Chris.
********************************
Chris Andrew, CCNA
Technical Support Engineer
********************************