01-21-2011 01:29 AM - edited 03-11-2019 12:38 PM
Could any expert here able to give me a hand ? I'm totally new on asa 5505, because of my previous one broken.
I would like to set this up with some static NAT rule located on 192.168.2.0 segment and two segment of internal network able to access Internet at the same time.
192.168.3.0 (workstations subnet)
Linksys WRT54G (router mode)
192.168.2.5
|
192.168.2.1 (servers subnet)
ASA 5505
113.28.102.68
|
113.28.102.70
gateway from ISP
Any help will be appreciated !
Thousand tks
01-21-2011 02:52 AM
access-list workstations permit ip
access-list servers permit ip
nat (inside_interface1) 1 access-list workstations
nat (inside_interface2) 2 access-list servers
global (internet_interface) 1 interface
global (internet_interface) 2 interface
Where inside_interface1 is the name of the interface your workstations are behind.
Where inside_interface2 is the name of the interface your servers are behind.
Where internet_interface is the name of the interface the internet is connected via.
This solution infact uses interface overloading, i.e. PAT, which I think would be a better option.
01-21-2011 07:23 AM
Dear handsy, thanks for your feedback.
Are they (both workstations and servers subnet) able to communication each other while they are on different interface (bi-directional internal traffic) ?
like workstations accessing server using UNC path, web access, icmp, etc....
and some network printers exist on the workstations subnet which servers wanna get connected
On the other hand, the WRT54G is a wireless one, should I disable from there and the ASA itself to provide the lease ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide