Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
545
Views
0
Helpful
1
Replies

ASA5505 NAT Exempt.

mdavis
Level 1
Level 1

‎01-21-2011 07:17 AM - edited ‎03-11-2019 12:38 PM

I currenty have a pix and would like to import some of the commands over but I am having a hard time with converting this nat rule. How would this nat rule be implemented on an ASA.

nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,outside) 10.199.0.0 10.199.0.0 netmask 255.255.0.0 0 0
access-group any in interface outside

Any help will be greatly appreciated.

Labels:
0 Helpful
1 Reply 1

Jennifer Halim
Cisco Employee
Cisco Employee

‎01-21-2011 08:02 AM

I assume that you are running ASA version 8.3, hence the commands difference.

For the following statement:

static (inside,outside) 10.199.0.0 10.199.0.0 netmask 255.255.0.0 0 0

The corresponding ASA 8.3 command is:

object network obj-10.199.0.0

     subnet 10.199.0.0 255.255.0.0

     nat (inside,outside) source static obj-10.199.0.0

For "nat (inside) 1 0.0.0.0 0.0.0.0 0 0", if I assume that you have the following "global (outside) 1 interface", the corresponding 8.3 command is:

object network obj-inside

     subnet 0.0.0.0 0.0.0.0

     nat (inside,outside) dynamic interface

The "access-group" command is the same in version 8.3.

Hope that helps.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card