Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
951
Views
0
Helpful
4
Replies

Help ASA NAT 8.3

Go to solution
f.mottini
Level 1
Level 1

ā€Ž05-14-2012 12:14 AM - edited ā€Ž03-11-2019 04:06 PM

Dear  all,

i have this problem.

I need to nat for navigation all private ip address that arrive to the inside interface of the ASA to a specific ip address to internet.

The inside interface have address 10.10.10.1

The IP address that arrive to the inside interface are from 10.10.10.x 10.0.10.x 172.16.0.x and 192.168.0.x. I need to nat with ip address of the outiside interface of the ASA.

ANY internal ip -----> 212.9.9.9 nat with outside ip address interface.

i perform this configuration, is this config correct?

object network out-serv

host 212.9.9.9

object-group network DM_INLINE_NETWORK_4

network-object object out-serv

nat (inside,outside1) source dynamic any interface destination static DM_INLINE_NETWORK_4 DM_INLINE_NETWORK_4

thanks  a lot regards

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
varrao
Level 10
Level 10
In response to f.mottini

ā€Ž05-14-2012 01:08 AM

If you just want to restrict it for a specific internet IP, then your Nat statement is absoultely correct:

nat (inside,outside1) source dynamic any interface destination static DM_INLINE_NETWORK_4 DM_INLINE_NETWORK_4

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks,
Varun Rao

View solution in original post

0 Helpful
4 Replies 4

Go to solution
varrao
Level 10
Level 10

ā€Ž05-14-2012 12:56 AM

Hi,

Your nat should just be:

nat (inside,outside1) source dynamic any interface

and this would nat all the traffic coming from inside interface and going to internet to the outside interface of the ASA.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks,
Varun Rao
0 Helpful

Go to solution
f.mottini
Level 1
Level 1
In response to varrao

ā€Ž05-14-2012 01:04 AM

Thanks,

but if i want to restrict the nat to an exactly destination 212.9.9.9

so i want that all the inside networks are translated with the outside interface when try to contact this pubblic ip address 212.9.9.9

thanks a lot best regards

0 Helpful

Go to solution
varrao
Level 10
Level 10
In response to f.mottini

ā€Ž05-14-2012 01:08 AM

If you just want to restrict it for a specific internet IP, then your Nat statement is absoultely correct:

nat (inside,outside1) source dynamic any interface destination static DM_INLINE_NETWORK_4 DM_INLINE_NETWORK_4

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks,
Varun Rao
0 Helpful

Go to solution
f.mottini
Level 1
Level 1
In response to varrao

ā€Ž05-14-2012 01:25 AM

thanks a lot

regards

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card