cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
183
Views
0
Helpful
1
Replies

Upgrading from PIX to ASA

BHconsultants88
Level 1
Level 1

Hi guys, hope everyone is well.

I wonder if someone could clarify the following. I'm looking to upgrade my PIX to ASA 5505 but having a few issues with some of the syntax. Specifically, I have the following on my PIX

route outside 0.0.0.0 0.0.0.0 193.35.57.192 1
route inside 10.0.0.0 255.0.0.0 10.33.0.1 1

access-list inside_access_in permit tcp 10.33.0.0 255.255.255.0 any object-group Interweb

pdm location 10.96.56.17 255.255.255.255 inside

global (outside) 1 193.35.57.43
nat (inside) 1 0.0.0.0 0.0.0.0 0 0

I've looked through the document https://supportforums.cisco.com/document/33921/asa-pre-83-83-nat-configuration-examples

But unless I'm missing something, I can't quite put my finger on what I'm doing. Would really appreciate some assistance.

Cheers

1 Reply 1

nspasov
Cisco Employee
Cisco Employee

Hi there!

I have always used the following link when doing such conversions:

https://www.tunnelsup.com/nat-converter/

Two three major things you need to remember for these type of conversions are:

1. There is no more NAT Control

2. The NAT syntax changes (the link above will help you with that conversion)

3. The ACLs need to reference the "real" (IP before NAT). 

I hope this helps!

Thank you for rating helpful posts! 

Review Cisco Networking for a $25 gift card