Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
459
Views
0
Helpful
2
Replies

Identity NAT on ASA running Version 9.0(1)

Bouki
Level 1
Level 1

‎04-09-2018 03:35 PM - edited ‎02-21-2020 10:53 AM

Hi guys,

 

I cannot have access without Identity NAT configured.

 

Object: LAN

 

object network LAN
 subnet 10.100.52.0 255.255.255.0

 

NAT:

object network LAN
 nat (inside,outside) static 10.100.52.0 no-proxy-arp route-lookup

 

I want to emphasise that there is not PAT configured and this is the only NAT statement configured on the box , without it I cannot access the Internet.

 

Why do I need the Identity NAT if there is no other statement shadowing it?

 

Many thanks

 

Labels:
0 Helpful
2 Replies 2

Mohammed al Baqari
Level 11
Level 11

‎04-09-2018 09:14 PM

Does you upstream router has a route-back towards your natted IP or do you
have an ACL rule limiting internet access on other IPs.
0 Helpful

Bouki
Level 1
Level 1
In response to Mohammed al Baqari

‎04-10-2018 01:51 AM

Yes, there are routes defined statically back to those natted IP addresses

0 Helpful
Customers Also Viewed These Support Documents