05-04-2012 05:36 AM - edited 03-11-2019 04:02 PM
After the Upgrade I have some trouble to setup my needed configuration.
I have 2 active Interfaces:
private 10.10.10.15/24
public 176.xxx.xxx.15/24
I want that the hosts inside the private LAN can reach the Internet and I'm using ASDM for configuration.
Firstly I have created a Network Object "InsideNet" 10.10.10.0/24
As next I have try to configre a NAT Rule and try all NAT Types using my Network Object as Source but no one was the right one.
Can someone tell me what NAT Rule I need to define for my simple requirement?
05-04-2012 07:06 AM
object network Private_Net
subnet 10.10.10.0 255.255.255.0
nat (private, public) dynamic interface
the above config will nat all the private hosts to the public interface
05-07-2012 01:11 AM
Thank you, this has really helped but I had must set:
nat (private,public) source dynamic any interface
But it opened a new problem:
This Cisco ASA I only use for NAT Routing and VPN Access to the private Net it's connected to 2 VLAN's (private net, public net) over 2 of it's Interfaces on a managed Switch only (means it don't sit between Router and Switch, as I don't wan't push Internet traffic trough it).
After I connected with AnyConnect I was not able to reach any other Host Inside 10.10.10.0 net, I have try to change my VPN IP Pool from 10.10.10.0 to 10.10.11.0 which don't helped any.
Do you have some idea how I can solve that?
05-07-2012 07:10 AM
"Thank you, this has really helped but I had must set:
nat (private,public) source dynamic any interface"
Are you using an access-list to define your private hosts? Can you send your config and also the network diagram.
for the remote access VPN to work you have to exempt (NAT exempt) few ips from the private network and use them for VPN clients.- modify the ip address pool in your VPN config to 10.10.10.192 255.255.255.224
object network obj-vpnpool
range 10.10.10.192 10.10.10.224
nat (inside,outside) source static any any destination static obj-vpnpool obj-vpnpool
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide