cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
729
Views
0
Helpful
2
Replies

No NAT problem...

Leo_Stobbe
Level 1
Level 1

I have the hosts with Public IP addresses in inside interface of ASA5510(asa 7.1(2))

When I enable NAT for that IP it can reach the Internet, but when i try to enable No NAT for that IP it can't ping Internet.

I tried.

1.Nat (inside) 0 access-list no_nat

access-list no_nat permit ip x.x.x.97 255.255.255.252 any

2. Nat (inside) 0 x.x.x.96 255.255.255.252

3.static (outside,inside) x.x.x.97 x.x.x.97 netmask

255.255.255.255

4.static (outside,inside) x.x.x.97 access-list no_nat

But it is doesn't work at all!!!

I can't no NAT the public IP.

Thanks in adv.

2 Replies 2

5220
Level 4
Level 4

Hi,

Are you sure your ISP is forwarding your Internal Public subnet?

Regards,

Daniel

jgervia_2
Level 1
Level 1

Hello,

# 1 should work (and will take precedence over your other nat statements). Put that in your configuration, and do a clear xlate, and then .97 (that should that be .96) and the other 3 IP addresses will be allowed without translation.

Make sure you do the 'clear xlate' afterwards or it could still use the already built xlate.

If that doesn't work, please include your entire nat configuration for us to check.

--Jason

Please rate this message if it helped solve some/all of your issue.

Review Cisco Networking for a $25 gift card