Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4761
Views
5
Helpful
2
Replies

asa NAT and outside interface overlap

Go to solution
dajohnso
Level 1
Level 1

‎12-19-2020 01:38 PM

I have seen several questions answered similar to this one but not 100% they match exactly? I have setup several ASA's with outside interfaces that have several IP addresses, now I am trying to set one up that only has 1 static public IP on the outside interface and getting an error that the NAT was not downloaded because it overlapped the outside interface IP. I am upgrading a asa pix that worked fine with the same config but getting the error trying to configure the asa5506 the same way. The public IP was change to 1.1.1.1 for this example but I am using the public IP assigned to me.

 

interface GigabitEthernet1/1
nameif Outside
security-level 0
ip address 1.1.1.1 255.255.255.0
no shut
route Outside 0.0.0.0 0.0.0.0 1.1.1.1 1
object network POOL-FTTI
range 1.1.1.1 1.1.1.1
nat (Inside,Outside) dynamic POOL-FTTI

ERROR: Address 1.1.1.1 overlaps with Outside interface address.
ERROR: NAT Policy is not downloaded

Is there a way to configure the NAT pool for all internal devices to use the same IP as the outside interface? I am using this NAT for all internal devices that are in the DHCP scope for when they go out to the internet. I also expect to setup machien 2 machine VPN to an asa 5508 on the same interface.

 

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎12-19-2020 01:49 PM

Hi @dajohnso 

If you only have the one IP address assigned to the outside interface use interface instead of defining an IP address in the nat configuration. E.g.

 

nat (Inside,Outside) dynamic interface

 HTH

View solution in original post

Go to solution
dajohnso
Level 1
Level 1

‎12-19-2020 02:27 PM

Thanks, it took that command ok, lets see if it works.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Rob Ingram
VIP
VIP

‎12-19-2020 01:49 PM

Hi @dajohnso 

If you only have the one IP address assigned to the outside interface use interface instead of defining an IP address in the nat configuration. E.g.

 

nat (Inside,Outside) dynamic interface

 HTH

Go to solution
dajohnso
Level 1
Level 1

‎12-19-2020 02:27 PM

Thanks, it took that command ok, lets see if it works.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card