Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
479
Views
0
Helpful
2
Replies

Can I only NAT internal servers to the subnet of the ASA outside interface?

gwhuang5398
Level 2
Level 2

‎02-02-2012 12:07 PM - edited ‎03-11-2019 03:23 PM

ASA's outside interface is a /24 in public address space. I also have a few different /24 public subnets that can be used for NAT. When I static NAT internal servers, do I have to NAT them to the /24 of the outside interface or can I use a difference available /24 subnet? What's the best practice when picking available public subnets for NAT?

Thanks a lot

Labels:
0 Helpful
2 Replies 2

Julio Carvajal
VIP Alumni
VIP Alumni

‎02-02-2012 01:03 PM

yes, You can also use a different public ip range from the same ISP, The ASA will proxy arp those ip addresses as well.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

integreon
Level 1
Level 1

‎02-02-2012 03:22 PM

Hi,

That doesn't make any difference. You can use IP's from any pool

Anton

Sent from Cisco Technical Support iPad App

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card