Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
313
Views
0
Helpful
1
Replies

Static NAT verification

J_Vansen_S
Level 3
Level 3

‎09-05-2015 06:26 AM - edited ‎03-11-2019 11:33 PM

Hi all,

I have a static nat question that came up in and environment, but i am not 100% sure if this will work.

Need some verification, due to the nature of the subnet-ed networks done by the ISP,

 

I have an ASA connected direct to the ISP with the network 111.11.11.64/30.

However i need to Static NAT all our Microsoft Lync services to subnet IPs beyond the /30 network which is in the range of 111.11.11.56/29.

Will the above work?

 

Usually i would do a /25 on the public network, but this time, the IPs subneted is being fixed by the ISP, as i do not want the hassle of calling them up to just change the subnet/re-routing on their side

Appreciate any advise

 

 

 

Labels:
staticnat.png
Preview file
23 KB
0 Helpful
1 Reply 1

Karsten Iwen
VIP
VIP

‎09-05-2015 07:31 AM

That will work. You need:

  1. The network 111.11.11.56/29 has to be routed to your ASA by the ISP
  2. You need the command "arp permit-nonconnected" on the ASA
  3. and the "normal" static NAT and access-control on your ASA
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top