Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1045
Views
0
Helpful
2
Replies

Global PAT

SHSCITHelpdesk
Level 1
Level 1

‎12-17-2015 06:34 AM - edited ‎03-12-2019 12:02 AM

Hi All, i am currently replacing a PIX firewall with an ASA 9.5(1).

I have configured the access rules but i am unsure on the best way of configuring PAT on the external interface, which is automatic on the PIX.

I have created a container containing our 2 aggregated IP address ranges which are a /19 and a /20 subnet but testing has been unsuccessful.

 

When testing external access rules I can only connect if I create an object for the individual PC I am using and NAT (PAT Hide) that to the external interface.

I have tried doing the same thing using a network object for the local subnet the PC is on but this has also proved unsuccessful.

I can create an access rule for a group of individual (nat/pat hide) PCs but I would prefer to use PAT.

Any help appreciated.

Pete

Labels:
Preview file
29 KB
Preview file
56 KB
0 Helpful
2 Replies 2

Jon Are Endrerud
Level 3
Level 3

‎12-17-2015 12:32 PM

1. Can you do a "sh run" and dump the config here?

2. Have you tried to run the "packet tracer" ?, see whats happening ?

Please rate as helpful, if that would be the case. Thanx
0 Helpful

Collin Clark
VIP Alumni
VIP Alumni

‎12-17-2015 01:57 PM

Here is how I do it-

object network obj_any
 subnet 0.0.0.0 0.0.0.0

object network obj_any
 nat (any,outside) dynamic interface


HTH

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card