Re: ASA 5520 version 9.1 NAT configuration

wimax_isp@yahoo.com · ‎09-12-2018

Good Day all,

I have ASA 5520 running Ver. 9.1 i tried to configure NAT for this IP's

OUTSIDE IP 10.50.20.170 255.255.255.0

INSIDE IP 192.168.88.2 255.255.255.0

the question is how to make the NAT configuration that the INSIDE can use the OUTSIDE IP and access the network ?

Please help me with this i tried too many option non of them worked with me

Marvin Rhoads · ‎09-12-2018

Are you saying you want your host 192.168.88.2 to access other devices on your inside network using the 10.50.20.170 address?

It would ARP for the destination address and, having found it on the local subnet, not use the ASA as a gateway thus the traffic would never pass through the ASA and have the opportunity to be NATted.

wimax_isp@yahoo.com · ‎09-13-2018

thank for your reply. yes that what i'm trying to do can you please list me the commands to do the configuration

Marvin Rhoads · ‎09-13-2018

What I was saying in my second paragraph earlier is that the traffic won't pass through the ASA and thus you cannot make it affect same-subnet traffic.

wimax_isp@yahoo.com · ‎09-13-2018

okay so is there anyway to make them access. i do some configuration i got the ping inside the ASA but when i plug in Computer i got nothing even if i put IP address inside the network. i tried to use another IP address in same-subnet told me ip address duplicated

gbekmezi-DD · ‎09-13-2018

You really need more help than the community. I would reach out to a local Cisco partner in your area to assist you since there are some very fundamental networking concepts you need to understand.

One thing you could probably do is have that inside host vpn to the asa with a full tunnel and then you could manipulate the source IP address it uses to communicate with hosts on the inside. Another option is to move the host from the inside to the outside and then you could assign a different address to the host.