top of page


Objective: the goal is for an outsider to access our web server 

1.1 Security Policy + Destination NAT 

1.2 Test with a GNS3 router

1.1 Security Policy + Destination NAT 

  • Destination NAT Policy (think as of NAT happens before security rules)

  • Security rule: Pre-NAT address, Post-NAT zone

1.2 Test with a virtual router in GNS3

  • Configure a virtual router (associated with vmnet1) with username, password, http enabled, IP, DG - see script below:

conf t
username admin privilege 15 secret admin
ip http server
ip http authentication local
interface fa0/0
no shutdown
ip address
ip route



  • The rest of setup and configuration, see the notes of "Security Policy and Static NAT" session 2.2

bottom of page