Solved: ASA 5520 Natting subnets - Cisco Community

281

Views

0

Helpful

1

Replies

I've got a pair of 5520s in active/passive failover for a large, flat lan (/16).

I'm in the process of vlanning some of the remote sites. If I use a larger mask (/24) for the vlans, but use the same first two octets, do I need to make changes to the nat statements, etc, on the firewall?

1 Accepted Solution

Accepted Solutions

Hi

Assuming you mean something along the lines of

nat (inside) 1 172.16.0.0 255.255.0.0

global (outside) 1 interface

or something like that then you create your /24 vlans as

172.16.1.0/24

172.16.2.0/24

etc. then i can't see a problem with this.

HTH

Jon

View solution in original post

1 Reply 1

Hi

Assuming you mean something along the lines of

nat (inside) 1 172.16.0.0 255.255.0.0

global (outside) 1 interface

or something like that then you create your /24 vlans as

172.16.1.0/24

172.16.2.0/24

etc. then i can't see a problem with this.

HTH

Jon

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community

Review Cisco Networking for a $25 gift card