Re: NAT/PAT question

startx001 · ‎09-23-2019

Hi,

How to nat all ip's from lan to one public for access to internet?

Is command correct without "pat-pool" ? . i dont want to get exhausted message.

ASA version 9.10

object network obj-public

host 5.5.5.5

object network obj-lan

subnet 10.10.10.0 255.255.255.0

nat (inside,outside) dynamic obj-public

OR i need to add command "pat-pool"

object network obj-lan

subnet 10.10.10.0 255.255.255.0

nat (inside,outside) dynamic pat-pool obj-public

balaji.bandi · ‎09-23-2019

As per my understand you looking to NAT from inside LAN IP pool to go out using 1 Public IP ?

if yes then you need NAT.

or

If you looking from Internet access you local resource using 1 Public IP, then you need PAT here. (for many different ports to be mapped).

if this is not the case more clarify required here.

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

startx001 · ‎09-23-2019

Loacl lan to access to internet using one public ip.

balaji.bandi · ‎09-23-2019

you already object group :

nat (inside,outside) source dynamic obj-lan obj-public

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Rob Ingram · ‎09-23-2019

Hi,
Use the syntax below to NAT LAN subnet "obj-lan" behind the "obj-public" IP address:-

nat (inside,outside) source dynamic obj-lan obj-public

HTH

startx001 · ‎09-23-2019

but its same like nat under object, right?

object network obj-lan

subnet 10.10.10.0 255.255.255.0

nat (inside,outside) dynamic obj-public

Rob Ingram · ‎09-23-2019

Ok, yes you can of course define the NAT under the object "obj-lan" that would also work.

balaji.bandi · ‎09-23-2019

agreed with @Rob Ingram

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help