04-21-2023 04:31 AM
Hi Community!
Solved! Go to Solution.
04-21-2023 04:54 AM
@RicardoMG you just need to get the ISP to route the second /29 network to the IP address of your Firewall. You can then define NAT objects using the second network.
You don't need additional licenses.
04-21-2023 04:36 AM - edited 04-21-2023 05:03 AM
A-I think even with ASA the NATing to POOL, the subnet POOL must match the OUT interface
if you have one cable from SP and two separate public subnet, then I think you can connect SW between FW and SP and
use to interface in FW to connect to SW.
the most important is SP know both subet.
B- I check the cisco ASA guide there is not restriction for point A, still please monitor NATing
but in guide there is solution for your case
config object group include to object network for each POOL and then use object group in NATing instead of both POOL object network
04-21-2023 04:54 AM
@RicardoMG you just need to get the ISP to route the second /29 network to the IP address of your Firewall. You can then define NAT objects using the second network.
You don't need additional licenses.
04-24-2023 12:10 AM
Thank you so much for your help. In the laboratory that we have created for the issue, it was enough creating the NAT for each IP from the each pool to the local server. For the next step, we are going to ensure with the ISP, that all the traffic is redirected to the IP that we have configured in the outside interface.
Thank you so much to all!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide