Re: nat inside outside

tyr668 · ‎08-11-2023

how do i add both inside(g1/3) and inside1(g1/4) links to nat to outside ? it seems like it's auto changing the nat statement for me . when i key in nat (inside, outside) dynamic interface, it'll auto change to nat(inside2, outside) dynamic interface

pieterh · ‎08-11-2023

read again about IP-subnetting and CIDR default network mask

20-bit block

172.16.0.0 – 172.31.255.255

1048576

172.16.0.0/12 (255.240.0.0)

20 bits

12 bits

16 contiguous class B networks

the firewall sees both addresses of interfaces gi1/3 and gi1/4 are part of the class-B network 172.16.0.0
-> you need to tell the firewall you don't want the default subnetting, but your own more granual subnetting
using the command:

ip classless

Flavio Miranda · ‎08-11-2023

Hi @tyr668

You are probably doing nothing wrong but you need to consider that the ASA on the PacketTracer is very buggy. It does not work well with dynamic protocol and it fail on routing task mostly. If is not a good idea to add the Firewall in the center of the topology like this and making it work as firewall and router at the same time.

My best advice is replace the ASA and reconfigure it again but if you face the same problem, think about using a router on this place and use the ASA only to filter traffic between inside and dmz.