Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2440
Views
20
Helpful
22
Replies

configuration NAT overload for ASA 5525

MohammadSalih
Level 1
Level 1

‎12-22-2022 12:41 AM

hi every one ,

i want to configure NAT over load

i have one public ip address 37.x.x.x

and pool of private ip addresses 70.70.x.x

when i configure natting by typing

nat (inside,outside) soure (static or dynamic) ,

there is no PAT configuration , because i want every private IPs share one public ip.

0 Helpful
22 Replies 22

MHM Cisco World
VIP
VIP
In response to MohammadSalih

‎12-22-2022 11:01 AM

sorry I make double check your config you have two IN and one OUT, where is the config of other OUT interface??

0 Helpful

MohammadSalih
Level 1
Level 1
In response to MHM Cisco World

‎12-23-2022 05:44 AM

hi

i have 2 IN and 2 OUT 

interface GigabitEthernet0/0
nameif outside
security-level 0
ip address 37.X.X.194 255.255.255.248

interface GigabitEthernet0/1
nameif inside
security-level 100
ip address 70.70.2.1 255.255.255.0

interface GigabitEthernet0/1
nameif inside
security-level 100
ip address 70.70.3.1 255.255.255.0

object network public_LAN1
host 37.X.X.195
object network public_LAN2
host 37.X.X.196

object-group network private_LAN1
network-object 70.70.2.0 255.255.255.0
object-group network private_LAN2
network-object 70.70.3.0 255.255.255.0

(just missing the NAT/PAT command)

MHM Cisco World
VIP
VIP
In response to MohammadSalih

‎12-23-2022 05:49 AM

you meaning two public IP and one OUT interface ? am I right ?

0 Helpful

MohammadSalih
Level 1
Level 1
In response to MHM Cisco World

‎12-23-2022 05:52 AM

yes

and each private goes to each public

70.70.2.0/24 (private) go to 37.X.X.195

70.70.3.0/24 (private) go to 37.X.X.196

 

paul driver
VIP
VIP
In response to paul driver

‎12-22-2022 04:50 AM

Hello

clear configure object
clear configure object-group
nat (inside,outside) after-auto source dynamic any interface

route  outside 0 0 37.X.X.X


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

MohammadSalih
Level 1
Level 1
In response to paul driver

‎12-22-2022 08:13 AM

hi dear,

what do you mean by clear?

you mean remove configuration form the objects?

0 Helpful

paul driver
VIP
VIP

‎12-23-2022 07:43 AM

Hello
Did you try the configuration I previously posted (see below) ? 

Can you post the output from the following traces:
packet-tracer input inside tcp 70.70.2.x 12345 8.8.8.8 80
packet-tracer input inside tcp 70.70.3.x 12345 8.8.8.8 80

 

Lastly what you have explained from your OP the below should work

route outside 0 0 37.X.X.<-- default route and nexthop)

object network Inside_1
Subnet 70.70.2.0 255.255.255.0

object network outside1
host 37.X.X.195

object network Inside_2
subnet 70.70.3.0 255.255.255.0

object network outside2
host 37.X.X.196

nat (inside,outside)  1source dynamic Inside_1 outside1
nat (inside,outside)  2 source dynamic Inside_2 outside2
nat (inside,outside) after-auto source dynamic any interface


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

MHM Cisco World
VIP
VIP

‎12-23-2022 02:48 PM

Screenshot (167).png

this lab I run for you, check how I config the NAT overload using two public IP and one OUT interface.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card