05-27-2012 10:53 AM - edited 02-21-2020 04:39 AM
Hi all!
Can I disable nat at all. I mean comand like this:
no nat (inside) 1 0.0.0.0 0.0.0.0
I want to use my device like router.
Does it work?
(I did access-lists and bind it to interfaces.)
Solved! Go to Solution.
05-27-2012 08:04 PM
Yes you can, and also you would need to disable "nat-control" with the command:
no nat-control
For the ASA to act like a router, please also configure the ASA interfaces in the same security level. If they have different security level, you would need to configure static 1:1 NAT to itself to not NAT the traffic.
Then also configure:
same-security permit inter-interface
05-27-2012 11:15 PM
"nat-control" by default is disabled on the real ASA. So depends on whether you have that enabled before, you might need to disable it.
Otherwise, yes, it will work on the real device too.
05-27-2012 08:04 PM
Yes you can, and also you would need to disable "nat-control" with the command:
no nat-control
For the ASA to act like a router, please also configure the ASA interfaces in the same security level. If they have different security level, you would need to configure static 1:1 NAT to itself to not NAT the traffic.
Then also configure:
same-security permit inter-interface
05-27-2012 09:09 PM
Hi, Jennifer.
I emulate this situation on the GNS, and if I do
no nat (inside) 1 0.0.0.0 0.0.0.0
and right access-list comunication is work.
Do You mean that it is not working at a real device?
05-27-2012 11:15 PM
"nat-control" by default is disabled on the real ASA. So depends on whether you have that enabled before, you might need to disable it.
Otherwise, yes, it will work on the real device too.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide