Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
333
Views
0
Helpful
1
Replies

help needed with NAT on ASA 8.4 (x)

gavin han
Level 1
Level 1

‎10-23-2012 07:12 PM - edited ‎03-11-2019 05:13 PM

inside: security level 100

outside: security level 0

traffic coming in from any IP address on inside interface & going out on outside interface with destination of 12.1.1.1 should be NAT'ed/PAT'ed to 100.1.1.1 IP address. How do we do it in ASA running 8.4 s/w. I'm kinda new the this new kinda NAT commands introduced in 8.3 & later.

Labels:
0 Helpful
1 Reply 1

Jennifer Halim
Cisco Employee
Cisco Employee

‎10-23-2012 07:18 PM

Here we go (assuming that your inside network is 10.10.10.0/24):

object network obj-10.10.10.0

  subnet 10.10.10.0 255.255.255.0

object network obj-12.1.1.1

  host 12.1.1.1

object-network obj-100.1.1.1

  host 100.1.1.1

nat (inside,outside) source dynamic obj-10.10.10.0 obj-100.1.1.1 destination static obj-12.1.1.1 obj-12.1.1.1

It's always good to be more specific on the inside subnet, instead of using the keyword "any" as it can cause translation issue for other interfaces.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card