I've been trying to find a way to have an ASA advertise static and dynamic NAT through a dynamic routing protocol without luck. There appeared to be a way to use static routes along with NAT to do it with 8.2 and earlier, but I don't think that works anymore. I am setting up ASA clustering, so proxy-arp is no longer an option.
The goal is to have the ability to configure NAT on a tenant ASA context (self-service long term goal) and have it advertised into a dynamic routing protocol without any other configuration like creating a static route each time you configure a NAT mapping. The tenant contexts would have an outside interface on a shared public IP subnet that is different than the public NAT IPs that can be used by any of the tenants. Pre-allocating NAT IPs to each tenant and pre-routing the range would be wasteful as we don't know how many IPs each tenant would require now or in the future.
Since the ASA can't do proxy-arp while clustering in individual-interface mode at least, it would be nice to be able to inject mapped IPs into a dynamic routing protocol like can be done with the 'add-route' keyword on IOS devices. Does anyone know if this is on the road map for the ASA?
Thank you,
Mark
