Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
271
Views
5
Helpful
1
Replies

FWSM to ASA config migration issue

S891
Level 2
Level 2

‎05-14-2015 04:35 PM - edited ‎03-11-2019 10:56 PM

Hi,

I am moving FWSM 4.1(15) config to ASA 9.2. I have some specific static natting on FWSM where I have both static (inside,outside) and static (inside,inside) for the same set of internal and external address. It is working fine with the 'alias' for my requirement. 

However, when I migrate the config to ASA the object network only allows one nat statement., either nat (INSIDE,INSIDE) OR nat (INSIDE,OUTSIDE) but not two statements. 

Does anyone have experience with this kind of config on ASA 8.3 or later versions. 

 

FWSM config:

static (INSIDE,OUTSIDE) 96.3.37.132 172.20.48.243 netmask 255.255.255.255

static (INSIDE,INSIDE)     96.3.37.132 172.20.48.243 netmask 255.255.255.255

 

ASA config:

object network obj-172.20.48.243

 nat (INSIDE,INSIDE) static 96.3.37.132

1 person had this problem
Labels:
0 Helpful
1 Reply 1

Vibhor Amrodia
Cisco Employee
Cisco Employee

‎05-15-2015 09:33 AM

Hi,

You can easily create another object with a different name but same Host Ip and create the NAT statement.

Each object needs to have a unique IP address and cannot have two or more non consecutive IP's.

object network obj-172.20.48.243
host 172.20.48.243
 nat (INSIDE,INSIDE) static 96.3.37.132

object network obj-172.20.48.243-1
host 172.20.48.243
 nat (INSIDE,OUTSIDE) static 96.3.37.132

Thanks and Regards,

Vibhor Amrodia

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card