Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
716
Views
0
Helpful
1
Replies

Nating to Layer 3 Switch with SVI VLAN Interfaces

Colourful
Level 1
Level 1

‎02-23-2013 11:51 AM - edited ‎03-07-2019 11:54 AM

I have a design which involves using a Layer 3 switch to control the internal routing. (Layer 3 Intervlan routing, See attached Document - Requires Microsoft Visio). My question is - how would I tell the ASA Firewall to NAT to an internal vlan that is behind the Layer 3 Switch, I am familar with Nating but only on a Router on a stick basis.

Kind regards,

Jake

Labels:
15355268-InterRouting NAT ISSUE.vsd.zip
0 Helpful
1 Reply 1

Abzal
Level 7
Level 7

‎02-24-2013 08:03 AM

Hi,

If ASA is directly connected to the router then should like this

ASA:

nat (inside) 1 0.0.0.0 0.0.0.0
global (outside) 1 interface

Then if you are not running dynamic routing protocol you need to add static routes:
For example:

route inside 192.168.0.0 255.255.255.0 10.0.0.1

And default static route to outside:

route outside 0.0.0.0 0.0.0.0 1.1.1.1

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/route_static.html
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/nat_dynamic.html

On L3 switch you also will need static route.

ip route 0.0.0.0 0.0.0.0 10.0.0.2

Sent from Cisco Technical Support Android App

Best regards,
Abzal
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card