Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
1161
Views
4
Helpful
3
Replies

Global statement without a Nat statement

Go to solution
marktaipp
Level 1
Level 1

ā€Ž09-29-2012 08:41 PM - edited ā€Ž03-11-2019 05:01 PM

Hi,

On our ASA 5510 (running IOS 7.2) we have a global statement that does not have a corresponding nat statement e.i. global (outside) 2 x.x.x.x , but no nat (inside) 2 blah 255.255.0.0

I am assuming that this is a mistake and that global without a nat pair does nothing. Or does it?

Thanks

Mark               

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

ā€Ž09-29-2012 08:45 PM

you are absolutely correct, nat/global statements needs to come in pair.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

ā€Ž09-29-2012 08:45 PM

you are absolutely correct, nat/global statements needs to come in pair.

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

ā€Ž09-30-2012 06:42 AM

Mark

Worth checking if you have any other interfaces on the firewall other than the inside interface to see if there is a nat (interface) 2 statement.

Jon

Go to solution
marktaipp
Level 1
Level 1
In response to Jon Marshall

ā€Ž09-30-2012 07:16 PM

Hi Jon,

The firewall has three interfaces inside, outside and DMZ. But is also no "nat (DMZ) 2 blah 255.255.255.0" statement to match the global. I have inherited the config and think that a nat/global pair was but in for what ever resaon, then half pulled out. I wanted to make sure that global statement by itself did nothing and could be removed.

Thanks for your suggestion.

Mark

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card