12-11-2014 05:39 PM - edited 03-11-2019 10:13 PM
Internal 192.168.0.0/24
How can Internal LAN to be NAT to the Outside as different range of IP address?
192.168.0.0-------->NAT------------> 10.215.0.0
ASA ver 8.0(3)
is it possible??
12-11-2014 11:25 PM
Hi,
What is the Subnet Range of 10.215.0.0 ? If it is /24 , you can use this:-
static (inside,outside) 10.215.0.0 192.168.0.0 netmask 255.255.255.0
This will make sure that every IP takes it's corresponding IP in the NAT subnet.
Thanks and Regards,
Vibhor Amrodia
12-12-2014 01:12 AM
Apparently it can't
MLK-ASA(config)# static (inside,outside) 10.215.0.0 192.168.0.0 netmask$
WARNING: real-address conflict with existing static
TCP Inside:192.168.0.254/23 to outside:60.51.196.54/2828 netmask 255.255.255.255
12-12-2014 01:36 AM
Hi,
Although this is a warning and we also have an existing Xlate which is overlapping with the IP which you are using.
You can use Packet Trace to verify the configuration:-
https://supportforums.cisco.com/document/29601/troubleshooting-access-problems-using-packet-tracer
Thanks and Regards,
Vibhor Amrodia
12-12-2014 02:27 AM
Actually, the real scenario is like this..
i want to perform site to site to remote.
local lan is 192.168.0.0/25. The remote lan is 10.210.0.0/24.
So is it really possible to NAT 192.168.0.0 to 10.215.0.0 and make it the interesting traffic.??
bcoz the remote site ACL is
ip access-list extended KP-KPMMF-ACL
permit ip 10.210.0.0 0.0.0.255 10.215.10.0 0.0.0.255
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: