Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1097
Views
0
Helpful
1
Replies

Lan -> ASA 5510 -> Router 1841 NAT Overload

johan.gonzalez
Level 1
Level 1

‎08-22-2011 08:26 AM - edited ‎03-07-2019 01:49 AM

Greetings, this is my scenario:

LAN: a B class net

ASA 5510

Router 1841 with 2 ISP in each Fast Ethernet ports and outside port of asa connected to Fa0/0/0 (i have a 4 port Fast Ethernet attached to router)

My LAN its connected to inside port of ASA, and outside to router.

I need to connect my lan to internet, i tried to make the nat in the asa but i don't have connection.

This is the configuration of my asa and router:

ROUTER

interface FastEthernet0/0

description CANTV

ip address 200.11.x.x 255.255.255.248

duplex auto

speed auto

!

interface FastEthernet0/1

description MOVISTAR

ip address 186.24.x.x 255.255.255.248

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/0/0

description ASA_OUTSIDE

!

interface Vlan1

description GATEWAY ASA

ip address 192.168.200.1 255.255.255.252

!

ip route 0.0.0.0 0.0.0.0 186.24.X.X

!

no ip http server

no ip http secure-server

!

control-plane

!

!

end

ASA

: Saved

:

ASA Version 8.2(1)

!

interface Ethernet0/0

description Hacia Router Borde RBIAIM01

duplex full

nameif outside

security-level 0

ip address 192.168.200.2 255.255.255.252

!

interface Ethernet0/1

description Default Gateway LAN IAIM

nameif inside

security-level 100

ip address 150.140.x.1 255.255.0.0

!

interface Ethernet0/2

shutdown

nameif SinUso

no ip address

!

interface Ethernet0/3

shutdown

nameif SinUso2

no ip address

!

interface Management0/0

nameif management

security-level 100

ip address 192.168.2.1 255.255.255.0

management-only

!

pager lines 24

logging enable

logging asdm informational

mtu outside 1500

mtu inside 1500

mtu WIFISOON 1500

mtu SinUso 1500

mtu management 1500

icmp unreachable rate-limit 1 burst-size 1

icmp permit any outside

icmp permit any inside

no asdm history enable

arp timeout 14400

nat-control

global (outside) 1 192.168.200.1 netmask 255.255.255.252

nat (inside) 1 0.0.0.0 0.0.0.0 dns

access-group outside_access_in in interface outside

access-group inside_access_in in interface inside

route outside 0.0.0.0 0.0.0.0 192.168.200.1 1

route inside 150.140.0.0 255.255.0.0 192.168.20.2 1

timeout xlate 3:00:00

: end

Can anybody help me?

Labels:
0 Helpful
1 Reply 1

justinmitchell
Level 4
Level 4

‎08-25-2011 02:13 PM

You need to change your global NAT on the ASA from the IP 192.168.200.1 to interface. That IP address is a duplicate of the router VLAN interface IP address.

global (outside) 1 interface

nat (inside) 1 0.0.0.0 0.0.0.0

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card