cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
232
Views
0
Helpful
0
Replies

NAT not translating private IP to public on ASA in Packet tracer 8.1

RudiCrome
Beginner
Beginner

I've been having an issue in Packet tracer while trying to set up NAT on the ASA 5505. When sending a ping the outside router from an inside client, the address is not translated at the ASA, and as such the outgoing source remains the clients private IP. I am very new to networking, however from what I have read this should be working with the current config. Strangely, I can get NAT to work by changing the network object for the internal subnet to static NAT, then changing it back to dynamic interface, though this does not survive a reboot and the problem persists. This could be a simple issue or a lack in my knowledge, but I have been stuck trying to fix this for a few days now and haven't been able to make any progress. Any help would be greatly appreciated.

Config for firewall

ciscoasa(config-network-object)#sh run

: Saved

:

ASA Version 8.4(2)

!

hostname ciscoasa

names

!

interface Ethernet0/0

!

interface Ethernet0/1

switchport access vlan 2

!

interface Ethernet0/2

!

interface Ethernet0/3

!

interface Ethernet0/4

!

interface Ethernet0/5

!

interface Ethernet0/6

!

interface Ethernet0/7

!

interface Vlan1

nameif inside

security-level 100

ip address 192.168.1.1 255.255.255.0

!

interface Vlan2

nameif outside

security-level 100

ip address 200.201.202.1 255.255.255.0

!

object network inside_to_outside

subnet 192.168.10.0 255.255.255.0

nat (inside,outside) dynamic interface

!

route outside 0.0.0.0 0.0.0.0 200.201.202.2 1

route inside 192.168.10.0 255.255.255.0 192.168.1.2 1

!

!

!

!

!

!

!

!

telnet timeout 5

ssh timeout 5

!

dhcpd auto_config outside

!

!

dhcpd address 192.168.1.5-192.168.1.36 inside

dhcpd enable inside

!

!

!

!

Multilayer switch config

Switch>en

Switch#sh run

Building configuration...

 

Current configuration : 1457 bytes

!

version 12.2(37)SE1

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname Switch

!

!

!

!

!

!

ip routing

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

spanning-tree mode pvst

!

!

!

!

!

!

interface FastEthernet0/1

!

interface FastEthernet0/2

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface FastEthernet0/3

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface FastEthernet0/4

!

interface FastEthernet0/5

!

interface FastEthernet0/6

!

interface FastEthernet0/7

!

interface FastEthernet0/8

!

interface FastEthernet0/9

!

interface FastEthernet0/10

!

interface FastEthernet0/11

!

interface FastEthernet0/12

!

interface FastEthernet0/13

!

interface FastEthernet0/14

!

interface FastEthernet0/15

!

interface FastEthernet0/16

!

interface FastEthernet0/17

!

interface FastEthernet0/18

!

interface FastEthernet0/19

!

interface FastEthernet0/20

!

interface FastEthernet0/21

!

interface FastEthernet0/22

!

interface FastEthernet0/23

!

interface FastEthernet0/24

!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

!

interface Vlan1

ip address 192.168.1.2 255.255.255.0

!

interface Vlan10

mac-address 000c.8592.6301

ip address 192.168.10.1 255.255.255.0

!

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.1.1

ip route 192.168.10.0 255.255.255.0 192.168.1.1

!

ip flow-export version 9

!

!

!

!

!

!

!

!

line con 0

!

line aux 0

!

line vty 0 4

login

!

!

!

!

end

0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers