09-22-2008 06:07 AM - edited 03-11-2019 06:47 AM
I'm pulling the configs off our old 515 firewalls and putting them on our new ASA 5500s. On the 515, we were NATing everything inside to a public address tied to the outside interface (not the interface address itself). Here is the config for the inside NAT:
nat (inside) 1 0.0.0.0 0.0.0.0
global (outside) 1 x.x.x.x
I also have similar NAT statements on other interfaces on the PIX, all of which are similar to my inside NAT config.
My question is, do I need to enable nat-control on the ASAs to make them behave the same way as my 515s? I'm a little confused as to whether it's needed or not.
09-22-2008 06:11 AM
nat-control will make it mandatory for all traffic going through the ASA to be NATed; with "no nat-control" you can have traffic with NAT 0 (no NAT) going through the firewall. If you use nat 0 you need "no nat-control"; if you don't use nat 0, it makes no difference whether or not you have nat-control.
This is the information another member of NETPRO told me in an old post.
09-22-2008 11:22 PM
If you want to change devices and keep the current configuration, the best way to do this is to use the new PIX-to-ASA migration tool.
It will change your configuration to adapt it to the ASA.