cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
644
Views
0
Helpful
1
Replies

Nating to Layer 3 Switch with SVI VLAN Interfaces

Colourful
Beginner
Beginner

I have a design which involves using a Layer 3 switch to control the internal routing. (Layer 3 Intervlan routing, See attached Document - Requires Microsoft Visio). My question is - how would I tell the ASA Firewall to NAT to an internal vlan that is behind the Layer 3 Switch, I am familar with Nating but only on a Router on a stick basis.

Kind regards,

Jake

1 Reply 1

Abzal
Rising star
Rising star

Hi,

If ASA is directly connected to the router then should like this

ASA:

nat (inside) 1 0.0.0.0 0.0.0.0
global (outside) 1 interface

Then if you are not running dynamic routing protocol you need to add static routes:
For example:

route inside 192.168.0.0 255.255.255.0 10.0.0.1

And default static route to outside:

route outside 0.0.0.0 0.0.0.0 1.1.1.1

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/route_static.html
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/nat_dynamic.html

On L3 switch you also will need static route.

ip route 0.0.0.0 0.0.0.0 10.0.0.2

Sent from Cisco Technical Support Android App

Best regards,
Abzal
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: