Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
666
Views
0
Helpful
1
Replies

Pre 8.3 and Post 8.3 NAT

ravindra692
Level 1
Level 1

‎11-25-2018 06:31 PM - edited ‎03-10-2019 01:07 AM

Hello

 

I am Performing a software upgrade on a Cisco ASA running 8.0 to 9.1.

 

I know that the major change is the NAT configuration in this upgrade.

 

In the Pre 8.3 Version, below is the static NAT config. Here any traffic comes on the inside interface with the Source IP address y.y.y.y is translated to x.x.x.x and any traffic comes on the outside interface with the destination IP address x.x.x.x is translated to y.y.y.y

 

static (Inside,Outside) x.x.x.x y.y.y.y netmask 255.255.255.255

 

In the Post 8.3 Version, the above static NAT is translated as below. What I would like to know is does the below configuration performs the same NAT functionality as above?

 

object network OBJ-y.y.y.y
host y.y.y.y
object network OBJ-x.x.x.x
host x.x.x.x
nat (Inside,Outside) source static OBJ-y.y.y.y OBJ-x.x.x.x

 

I mean, Does the traffic coming on the inside interface with the Source IP address y.y.y.y is translated to x.x.x.x and any traffic coming on the outside interface with the destination IP address x.x.x.x is translated to y.y.y.y

Labels:
0 Helpful
1 Reply 1

Dennis Mink
VIP Alumni
VIP Alumni

‎11-25-2018 06:41 PM

Rav, try this document:

 

https://community.cisco.com/t5/security-documents/asa-pre-8-3-to-8-3-nat-configuration-examples/ta-p/3116375

 

be mindful of object NAT though as it gets processed at the bottom. and ASA;s go top down

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents