02-07-2014 11:54 PM - edited 03-11-2019 08:42 PM
Hi,
Am replacing the Pix 515E firewall with a ASA 5515 firewall. When givingthe below commands:
nat-control
global (dmz) 1 interface
nat (inside) 1 10.1.11.0 255.255.255.0
static (inside,dmz) 172.19.176.91 10.1.11.41 netmask 255.255.255.255
static (inside,dmz) 172.19.176.72 10.1.11.8 netmask 255.255.255.255
static (inside,dmz) 172.19.176.73 10.1.11.9 netmask 255.255.255.255
It displays error:
ERROR: This syntax of nat command has been deprecated.
Please refer to "help nat" command for more details.
Suggest how to enable Nat for the above. Thanks in advance.
Regards,
Ravic.
02-07-2014 11:57 PM
Forgot to mention ASA holds Cisco Adaptive Security Appliance Software Version 8.6(1)2.
02-08-2014 02:10 AM
The NAT configuration is changed as of version 8.3 and is based on group objectes.
here is a good overview of the differences between pre 8.3 and post 8.3
https://supportforums.cisco.com/docs/DOC-9129
To get your NAT config working you would need to enter the following commands, feel free to change the object group names
object network LAN
subnet 10.1.11.0 255.255.255.0
nat (inside,dmz) dynamic interface
object network SERVER1
host 10.1.11.41
nat (inside,dmz) static 172.19.176.91
object network SERVER2
host 10.1.11.8
nat (inside,dmz) static 172.19.176.72
object network SERVER3
host 10.1.11.9
nat (inside,dmz) static 172.19.176.73
--
Please remember to rate and select a correct answer
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide