11-13-2012 10:52 AM - edited 03-11-2019 05:22 PM
I am trying to configure dynamic PAT on a Cisco ASA 5510 using an object-group and having difficulty.
How can I use an object-group, which includes five subnets, as a source for NATing to a dynamic PAT address?
Solved! Go to Solution.
11-13-2012 11:36 AM
Hello,
Okay so you already created the object-group ( Let's say it's called internal_subnets)
So nat should be :
nat (inside,outside) source dynamic internal_subnets interface
In the last example it will get patted to the outside interface, if you want to PAT it to a different IP than the outside interface just create a object network host and use it on the NAT instead of the interface keyword,
Regards,
Julio
11-13-2012 11:47 AM
Hello,
No, that command is for twice NAT not auto-nat ( object_nat)
Julio
11-13-2012 02:01 PM
Hello,
That is just the name ( and yes they used that name because of that) but it can also be used on a singular nat ( I mean no use of the destination keyword)
11-13-2012 11:36 AM
Hello,
Okay so you already created the object-group ( Let's say it's called internal_subnets)
So nat should be :
nat (inside,outside) source dynamic internal_subnets interface
In the last example it will get patted to the outside interface, if you want to PAT it to a different IP than the outside interface just create a object network host and use it on the NAT instead of the interface keyword,
Regards,
Julio
11-13-2012 11:45 AM
Should the "nat (inside,outside) source dynamic internal_subnets interface" command be under the object-group?
11-13-2012 11:47 AM
Hello,
No, that command is for twice NAT not auto-nat ( object_nat)
Julio
11-13-2012 01:49 PM
Does "twice NAT" mean two-way NAT?
11-13-2012 02:01 PM
Hello,
That is just the name ( and yes they used that name because of that) but it can also be used on a singular nat ( I mean no use of the destination keyword)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide