05-24-2012 08:56 PM - edited 03-11-2019 04:11 PM
I am sadly lost, again, and need help.
Everything I thought I knew about NAT'ing seems completely backwards.
I am struggling to understand an existing config.
Here are the pertinent lines:
interface GigabitEthernet0/0
description ASA_NET_227.76.40.19/28
nameif Primary_Public
security-level 10
ip address 227.76.40.19 255.255.255.248 standby 227.76.40.20
nat-control
global (Primary_Public) 1 interface
static (Production,Primary_Public) 227.76.41.0 172.20.41.0 netmask 255.255.255.0
To me, as I understand it, the interface Primary_Public is the global interface = OUTSIDE interface.
But, breaking down the static NAT rule, I thought it was:
static (inside, outside) "inside address" "outside address" netmask 255.255.255.0, where we are mapping an entire subnet.
But this makes no sense to me. How can a public address like 227.76.41.0 be considered an "inside address"?
Especially when the interface Primary_Public is declared an outside interface, yet contains an IP address within the subnet that is now stated to be "inside" within the static nat rule.
Solved! Go to Solution.
05-24-2012 09:39 PM
Hello Paul,
You are confused... ASA 8.2 or lower versions speaking the sintax is like this:
static (local interface, global interface) global_ip local_ip
That is the way the static's are build on an asa runing a version 8.2 or lower
Regards,
Do rate all the helpful posts
Julio
Security Networking Engineer
05-24-2012 09:39 PM
Hello Paul,
You are confused... ASA 8.2 or lower versions speaking the sintax is like this:
static (local interface, global interface) global_ip local_ip
That is the way the static's are build on an asa runing a version 8.2 or lower
Regards,
Do rate all the helpful posts
Julio
Security Networking Engineer
05-28-2012 10:55 AM
Thanks Julio.
The material I was looking at was clearly not accurate.
05-28-2012 11:05 AM
Hello Paul,
My pleasure to know I can help
Regards,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide