Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2427
Views
0
Helpful
4
Replies

HOW TO NAT Connnection on ASA 5505

Go to solution
ThomasMull9000
Level 1
Level 1

‎10-28-2012 02:20 AM

Hello Guys

first i thank full all cisco community they helped me alot withouth expert and university studies..

today i have a some issue about NAT

We HAVE SITE to site VPN , its fine working  .  our patern company request to use Public Ip instead of private ip address for encryption domain . and they said to us , you have to NAT for you private ip address to PUblic . really we don't know how to NAT for cisco ASA 5505 .

HERE IS THE CASE

OUR COMPANY = USES CISCO ASA 5505

OUR PUBLIC IP :      155.155.1555.20

PRIVATE IP :           192.168.7.2   ITS LINUX SERVER , SO  HOW WE CAN NAT THIS PRIVATE IP AND CHANGE IT TO PUBLIC

THANKS  A LOT

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to ThomasMull9000

‎10-31-2012 01:52 PM

If you only have 1 public IP and it is assigned to your ASA outside interface, then you would need to configure static PAT (you would need to know what exactly they want to access and configure the specific port that they need).

However, if you have a spare public IP Address, then you don't need to know exactly what they need to access and you can configure the linux server using the spare public IP.

Also, do they need to access the linux server using public IP via the VPN tunnel (encrypted)? or they are happy to access it just via the internet (clear text)?

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎10-28-2012 02:51 AM

A few questions before proceeding further:

- What version of ASA are you running.

- Is the public IP a spare public IP or it's assigned to the ASA outside interface?

- once you configure the NAT, you would also need to make changes to the crypto ACL, and also on the remote parent company end.

- If you don't mind, sharing the configuration of the ASA will help

0 Helpful

Go to solution
ThomasMull9000
Level 1
Level 1
In response to Jennifer Halim

‎10-31-2012 07:32 AM

Dea Jennifer thank you quick response i always appreciate your support..

let me picture you my network again..

We have Only One public Ip address 155.155.155.20 and it assigned for ASA outside interface ..

the only thing i need for this issue is a our Remote site want to access our lnside network 192.168.7.2 . but the remote office guys don't want to access as private ip address .. they need me to NAT 192.168.7.2 to public ip address .. so how i can NAT my outisde interface or give new NAT for other Public ip address.

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to ThomasMull9000

‎10-31-2012 01:52 PM

If you only have 1 public IP and it is assigned to your ASA outside interface, then you would need to configure static PAT (you would need to know what exactly they want to access and configure the specific port that they need).

However, if you have a spare public IP Address, then you don't need to know exactly what they need to access and you can configure the linux server using the spare public IP.

Also, do they need to access the linux server using public IP via the VPN tunnel (encrypted)? or they are happy to access it just via the internet (clear text)?

0 Helpful

Go to solution
ThomasMull9000
Level 1
Level 1
In response to Jennifer Halim

‎11-04-2012 11:02 PM

Clear idea .. many many thanks .. Always you help us realy i appreicate ur comment

0 Helpful
Customers Also Viewed These Support Documents