Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1459
Views
0
Helpful
1
Replies

Firewall NAT commands conversion

YZ8006
Level 1
Level 1

‎05-16-2019 11:54 AM

I'm trying to transfer the configuration over from an old firewall to a new Cisco ASA 5506-X firewall. The new firewall will not taking the following NAT commands because the method to configure NAT has changed with the newer versions. Can anyone help me convert these NAT commands to the new commands?

 

global (outside) 1 interface
nat (inside) 0 access-list inside2_nat0_outbound
nat (inside) 1 network-inside 255.255.255.0
nat (inside) 1 network-server 255.255.255.0
nat (inside) 1 network-guest 255.255.255.0
nat (inside) 1 network-Old192 255.255.255.0
static (inside,outside) tcp interface sip pbx sip netmask 255.255.255.255
static (inside,outside) udp interface 4569 pbx 4569 netmask 255.255.255.255
static (inside,outside) tcp interface smtp mail1 smtp netmask 255.255.255.255
static (inside,outside) tcp interface https mail1 https netmask 255.255.255.255

Labels:
0 Helpful
1 Reply 1

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎05-16-2019 01:54 PM

Hello YZ8006,

follow the following excellent document by Jouni Forss about configuration of NAT on ASA for SW version 8.3 and later.

see

https://community.cisco.com/t5/security-documents/asa-nat-8-3-nat-operation-and-configuration-format-cli/ta-p/3143050

 

The document should give you enough info and guidelines on how to make the conversion

 

Hope to help

Giuseppe

 

0 Helpful
Customers Also Viewed These Support Documents