Solved: Re: NAt inside to inside interface - Page 2

MarcinChameleon · ‎12-28-2011

Hi All,

A bit of problem with NATting - ASA 5500 ASDM 6.2.

I have 3 interfaces: ouside, inside, inside1. Outside routes to inside interface, where both interfaces are on public IPs, so no nat control.

The new inside1 interface I want to be on oriv network 10.100.10.0/24. Now I want to NAT public IP from inside interaface to priv IP on inside2.

Basically NATTing must occur between inside and inside2 - on priv IP there is web server.

Can I do somehow without nat enabling command? I just need NAT for few IPs.

TIA for any help.

Marcin

andrew.prince · ‎12-29-2011

if you want the device to be available from the outside - you need to:-

1) Allow access via an access-list - as the outside is security 0 and Inside1 is security 100

2) You need to have a NAT in place - you could peform PAT on the outside - of try and use the same NAT IP as the inside so something like

static (Inside1,outside) 83.89.92.250 10.100.10.2 netmask 255.255.255.255

MarcinChameleon · ‎12-29-2011

Does it mean I have to do enable NAT for everything? OR still I can do NAT and PAT just for chosen IPs?

andrew.prince · ‎12-29-2011

you can still just do nat and pat.

MarcinChameleon · ‎12-29-2011

Andrew, thanks for everything.

Would you be so kind and help me with this NAT and PAT config for outside interafce?

Only for just one mapping, the rest I would just replicate.

BIG TIA.

MarcinChameleon · ‎12-29-2011

IT'S WORKING!!!

Big thanks Andrew for all your help and support!

That was the last missing config -

static (Inside1,outside) 83.89.92.250 10.100.10.2 netmask 255.255.255.255 and it worked nicely.

All the best in 2012.

Marcin.

andrew.prince · ‎12-29-2011

No - glad to help.

And to you.