Re: Help with NAT in Cisco877 / ASA5505

mannschaft · ‎09-19-2007

hi all

i'm connected usin this architecture :

Internet--->Cisco 877---->ASA5505---->LAN

i connect to internet via ADSL using a static IP: 81.102.196.66

Router Cisco 877 :

- Inside : 10.10.10.1 255.255.255.0

- outside : Dialer0 (81.102.196.66)

ASA5505 :

- Inside : 192.168.1.1 255.255.255.0

- outside : 10.10.10.2 255.255.255.0

i would like to permit internet, Mail, FTP into my local LAN users.

until yet i'm connected to internet using default configuration for both ASA and cisco877. i can send mails with my exchange server situated in the LAN, but i can't receive mails !. i think i need to use NAT....but where ? and how to permit my needs.

Thanks and Regards.

aghaznavi · ‎09-25-2007

For dynamic NAT and PAT, you first configure a nat command identifying the real addresses on a given interface that you want to translate. Then you configure a separate global command to specify the mapped addresses when exiting another interface (in the case of PAT, this is one address). Each nat command matches a global command by comparing the NAT ID, a number that you assign to each command.

mannschaft · ‎09-26-2007

Hi

thanks aghaznavi; but this is not resolving my issue.

always using the same architecture :

internet----> Cisco 877----> ASA5505---->LAN

i have configured VPN server on Cisco 877 for some remote users.i used a basic configuration with Radius Authentification, but when testing the config it's not working. i think that the ASA with a basic config and no ACL implemented is bloking the authentication with my Active Directory.

someone have the same configuration or can help me to make remote users logging to my LAN using VPN ???

Cheers.