04-01-2016 07:29 AM - last edited on 03-25-2019 05:58 PM by ciscomoderator
Hello
I am looking at the NAT migration from version 8.0 to 8.3.... will the below be right ??
=====================
VERSION 8.0
=====================
global (outside) 1 interface
nat (v12_lvs) 1 192.135.226.100 255.255.255.255
nat (v13_SN5) 1 access-list v13_SN5_nat_outbound
nat (v14_Proxy) 1 access-list v14_Proxy_nat_outbound
nat (v15_HyperVisor) 1 access-list INT-ESX_nat_outbound
access-list v13_SN5_nat_outbound extended permit ip host 192.135.226.99 any
access-list v14_Proxy_nat_outbound extended permit ip host 192.135.226.20 host 23.102.62.213
name 192.135.226.33 SRV_EXT_esx01.net description ESX01 service console
name 192.135.226.36 SRV_EXT_esx02.net description ESX02 service console
access-list INT-ESX_nat_outbound extended permit udp host SRV_EXT_esx01.net any eq ntp
access-list INT-ESX_nat_outbound extended permit udp host SRV_EXT_esx02.net any eq ntp
=====================
VERSION 8.3
=====================
object network SRV_EXT_esx01.net
host 192.135.226.33
!
object net SRV_EXT_esx02.net
host 192.135.226.36
!
object net obj-any
subnet 0.0.0.0 0.0.0.0
!
object network obj-192.135.226.99
host 192.135.226.99
!
object network obj-192.135.226.20
host 192.135.226.20
!
object network obj-23.102.62.213
host 23.102.62.213
!
object service obj-udp-eq-ntp
service tcp destination eq 123
!
object network obj_any
subnet 0.0.0.0 0.0.0.0
!
object network obj-192.135.226.100
host 192.135.226.100
nat (v14_Proxy,outside) dynamic interface
!
nat (v13_SN5,outside) source dynamic obj-192.135.226.99 interface destination static obj-any obj-any
!
nat (v14_Proxy,outside) source dynamic obj-192.135.226.20 interface destination static obj-23.102.62.213 obj-23.102.62.213
!
nat (v15_HyperVisor, outside) source dynamic SRV_EXT_esx01.net interface destination static obj-any obj-any service obj-udp-eq-ntp obj-udp-eq-ntp
nat (v15_HyperVisor, outside) source dynamic SRV_EXT_esx02.net interface destination static obj-any obj-any service obj-udp-eq-ntp obj-udp-eq-ntp
thanks in advance
04-01-2016 08:25 AM
Hi,
It seems good.
I would still try to convert this for you.
I will share the converted NAT statements soon.
Regards,
Aditya
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide