cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

355
Views
10
Helpful
4
Replies
Highlighted
Beginner

NATs, PATs, and ACLs - which do I need?

I have some devices (RFID Readers) on their own subnet inside my private network that need to be able communicate with an outside company on a specific UDP port and another specific TCP port. I am trying to configure this on my firewall usinf ASDM.
I have created ACL’s that I think are correct for allowing the ports to communicate on the subnet.
Using ASDM, I have tried to create a Dynamic NAT using a pool of addresses, which didn’t work. So, I tried making a PAT which didn’t work.
I’m used to making Static NATs.
I’m getting confused because I want to use a handful of addresses on a particular subnet.

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
VIP Mentor

Re: NATs, PATs, and ACLs - which do I need?

Hello

Are you already using NAT on the firewall(s)

Is this a single ASA or dual ASA HA

Running single or multiple contexts in routed or transparent mode?

 

Could you post

-interface names  (inside/outside)

- internal external addressing/port numbers

or the running configuration if applicable ?



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future

View solution in original post

4 REPLIES 4
Highlighted
VIP Mentor

Re: NATs, PATs, and ACLs - which do I need?

Hello,

 

PAT, in theory, should work, as it translates all ports. Provided of course that you are allowing these ports back into your firewall.

 

Can you post the running config of your ASA and indicate which UDP and TCP port are required ?

Highlighted
VIP Mentor

Re: NATs, PATs, and ACLs - which do I need?

Hello

Are you already using NAT on the firewall(s)

Is this a single ASA or dual ASA HA

Running single or multiple contexts in routed or transparent mode?

 

Could you post

-interface names  (inside/outside)

- internal external addressing/port numbers

or the running configuration if applicable ?



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future

View solution in original post

Highlighted
Beginner

Re: NATs, PATs, and ACLs - which do I need?

Yes, we already have a NAT to the outside world.

We have dual ASA HA in routed mode.

Let me see about supplying the information for the other questions.

Highlighted
Beginner

Re: NATs, PATs, and ACLs - which do I need?

Your questions lead me to see that I needed and ACL for the reverse direction.  Thanks!