cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Cisco ASA 5510 VER 8.2

Jonathan Forbes
Beginner
Beginner
Hello We have a cisco asa with internet working fine for inside users. We have set up a guest zone on the firewall. We are trying to allow users from the guest network to access the internet. What command do I have to set up on the firewall to allow internet access from the guest network to the internet. Thanks
1 ACCEPTED SOLUTION

Accepted Solutions

joseoroz
Cisco Employee
Cisco Employee

Hello Jonathan,

Question? is the guest network going to be behind a new interface?

 

If that is the case and the security level is higher than the public interface you will need only to setup NAT.

 

If you already have a global command and you want to use the same public IP for the NAT the configuration will look something like this.

 

NAT (inside) 1 0.0.0.0 0.0.0.0.0

NAT (guest-network) 1 0.0.0.0 0.0.0.0

Global (outside) 1 interface

 

 

View solution in original post

3 REPLIES 3

joseoroz
Cisco Employee
Cisco Employee

Hello Jonathan,

Question? is the guest network going to be behind a new interface?

 

If that is the case and the security level is higher than the public interface you will need only to setup NAT.

 

If you already have a global command and you want to use the same public IP for the NAT the configuration will look something like this.

 

NAT (inside) 1 0.0.0.0 0.0.0.0.0

NAT (guest-network) 1 0.0.0.0 0.0.0.0

Global (outside) 1 interface

 

 

The guest network is on a sub interface vlan on the firewall.

 

Do I need to make it different port instead of a vlan interface?

 

 

Thanks

 

Hello Jonathan,

 

When you create an interface or sub interface that will be a separate area. That means that you will need to create NAT and a new set of rules for it. (ej sec level nameif nat access-groups) 

 

The example that I provided you still applies if you are using sub interfaces instead of the physical interface.

 

Regards,

Jose Orozco.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: