05-20-2020 06:37 AM
Hey everyone, I was hoping someone could clear something up for me and help me understand something.
So, I got my ASA firewall working and had to reinstall the image on it and reconfigure the firewall from scratch. I have the "outside" interface set to "ip address dhcp setroute" then the inside interface is set with an address and DHCP.
Before, I could just configure it like this.
# object network obj_inside
# nat (inside,outside) dynamic interface
# subnet 172.16.100.0 255.255.255.0
and everything would go through without an issue BUT NOW, I have to do this. Because the way from above doesn't work anymore due to it telling me NAT policy not downloaded.
# host 172.16.100.1
# nat (inside,outside) dynamic interface
# subnet 172.16.100.0 255.255.255.0
Could someone explain to me the difference between the two? Is it that I'm creating my own NAT policy by doing the second option and if so, how can I go about downloading the NAT policy so I don't have to do that.
05-20-2020 09:06 AM
Hello,
what do you want to accomplish ? NAT the entire subnet, or just the host ?
05-20-2020 11:23 AM
I would want the entire subnet, not just a single host.
Lets say I want all of the addresses being handed out by the DHCP to be translated. How do I get that to work, because the way that I did it before wouldn't work for me.
Everytime I try to do the translation for all of the addresses it doesn't let me because it tells me that the NAT policy isn't downloaded. This didn't happen until after I had to reformat the hard drive and reinstall the image.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide