01-16-2007 03:44 AM - edited 03-11-2019 02:19 AM
I have the hosts with Public IP addresses in inside interface of ASA5510(asa 7.1(2))
When I enable NAT for that IP it can reach the Internet, but when i try to enable No NAT for that IP it can't ping Internet.
I tried.
1.Nat (inside) 0 access-list no_nat
access-list no_nat permit ip x.x.x.97 255.255.255.252 any
2. Nat (inside) 0 x.x.x.96 255.255.255.252
3.static (outside,inside) x.x.x.97 x.x.x.97 netmask
255.255.255.255
4.static (outside,inside) x.x.x.97 access-list no_nat
But it is doesn't work at all!!!
I can't no NAT the public IP.
Thanks in adv.
01-16-2007 05:06 AM
Hi,
Are you sure your ISP is forwarding your Internal Public subnet?
Regards,
Daniel
01-16-2007 10:07 AM
Hello,
# 1 should work (and will take precedence over your other nat statements). Put that in your configuration, and do a clear xlate, and then .97 (that should that be .96) and the other 3 IP addresses will be allowed without translation.
Make sure you do the 'clear xlate' afterwards or it could still use the already built xlate.
If that doesn't work, please include your entire nat configuration for us to check.
--Jason
Please rate this message if it helped solve some/all of your issue.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide