Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
381
Views
0
Helpful
2
Replies

ASA 5520 using static and nat networks?

rodito
Level 1
Level 1

‎11-30-2005 12:32 PM - edited ‎02-21-2020 12:33 AM

Hello,

We migrated from a pix 515R using a outside and inside interfaces. The old pix has a static ip for the inside interface so we use all the class c ip's on the inside.

We are now migrating to a ASA 5520 but now with the following interfaces. outside, inside, dmz

We would like to have the dmz network as a static class C addresses of our old network and create another inside interface with private ip's i.e. 192.168.233.*

We have the config setup as follows, how can I make the 192.168.233.* to be nat'd?

static (DMZ,outside) 167.176.233.0 167.176.233.0 netmask 255.255.255.0

access-group outside_access_in in interface outside per-user-override

route outside 0.0.0.0 0.0.0.0 204.90.77.233 1

PS: We have a /254 for our router inside and pix outside interfaces. And the whole class C for our DMZ

Thanks for the help.

Jeff

0 Helpful
2 Replies 2

rsmith
Level 3
Level 3

‎11-30-2005 05:08 PM

ip address inside 192.168.233.1 255.255.255.0

nat (inside) 1 192.168.233.0 255.255.255.0

(or "nat (inside) 1 0.0.0.0 0.0.0.0")

global (outside) 1 interface

This will PAT all inside IP addresses to the outside interface IP address.

0 Helpful

rodito
Level 1
Level 1
In response to rsmith

‎11-30-2005 08:48 PM

Thanks.. I will try it out tomorrow when I get back at work. Btw, this shouldn't interfere with the static on the DMZ right? Do I also need to do the following so that my DMZ and inside will talk to each other?

static(DMZ,inside) 192.168.233.0 192.168.233.0 255.255.255.0 0 0 ?

Thanks

Jeff

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card