Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
375
Views
0
Helpful
1
Replies

Nat Migration

macboy276
Level 1
Level 1

‎06-08-2015 11:05 AM - edited ‎03-11-2019 11:04 PM

I am migrating from asa 5505 to 5512, i would like to know how do i write nat commands in new version

 

nat (outside) 1 NEW_VPN_POOL 255.255.255.0

nat (inside) 0 access-list inside_nat0_outbound

nat (inside) 1 Inside_Subnet 255.255.255.0

nat (dmz) 0 access-list dmz_nat0_outbound

nat (dmz) 2 DMZ_Subnet 255.255.255.0

nat (asainside) 0 access-list asainside_nat0_outbound

nat (asainside) 1 192.168.4.0 255.255.255.0

nat (Internal_LAN) 1 172.168.1.0 255.255.255.0

static (dmz,outside) 12.14.12.31 VPN_3005 netmask 255.255.255.255

static (inside,dmz) 192.168.2.73 serverDC2 netmask 255.255.255.255

static (outside,inside) VTC VTC_Outside netmask 255.255.255.255

static (Internal_LAN,inside) 172.168.1.0 172.168.1.0 netmask 255.255.255.255

static (inside,outside) 99.99.99.12 SERVERVMSEC netmask 255.255.255.255 

 

Labels:
0 Helpful
1 Reply 1

Akshay Rastogi
Cisco Employee
Cisco Employee

‎06-13-2015 08:32 AM

Hi,

- First step, you need to create objects or object-groups for your concerned hosts or subnet. You need to use these objects in NAT statements in version 8.3 or above.

- For NAT Exempt statements, you could use TWICE/MANUAL NAT by keeping same objects in Real and Mapped portion of NAT statement. 

- For Dynamic NAT statements, you could create Dynamic AUTO/Object NAT.

- For Static NAT Statements, you could create Static AUTO/Object NAT.

Please use the link below to understand and perform the same:

Creating Objects/ Object-group:

http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/acl_objects.html

 

Object NAT:

http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/firewall/asa_91_firewall_config/nat_objects.html

 

Twice NAT:

http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/firewall/asa_91_firewall_config/nat_rules.html

 

Please let me know if you have any query.

Thanks & Regards,

Akshay Rastogi

0 Helpful
Review Cisco Networking for a $25 gift card
Top