Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
216
Views
0
Helpful
1
Replies

ezvpn NEM ASA 8.2 to 9.1

Luis Ricardo Quintero Casimiro
Level 1
Level 1

‎07-22-2015 03:23 PM

Hi everybody, i saw that exists some changes betwen version 8.2 and 9.1 from ASA, how can update tht if I have this configuration that is the most important where i can reach the LAN with my remotes branch routers.

The question is, what i have to do with my "NAT" ?

 

access-list NONAT extended permit ip 172.16.200.0 255.255.255.0 192.168.23.0 255.255.255.0
access-list NONAT extended permit ip 192.168.23.0 255.255.255.0 172.16.200.0 255.255.255.0
access-list NONAT extended permit ip 192.168.0.0 255.255.0.0 host 172.16.70.50
access-list NONAT extended permit ip 192.168.48.0 255.255.240.0 172.16.94.0 255.255.255.0
access-list NONAT extended permit ip 192.168.64.0 255.255.192.0 172.16.94.0 255.255.255.0
access-list NONAT extended permit ip 192.168.128.0 255.255.128.0 172.16.94.0 255.255.255.0
access-list NONAT extended permit ip 192.168.1.0 255.255.255.0 172.16.94.0 255.255.255.0
access-list NONAT extended permit ip 192.168.0.0 255.255.0.0 192.168.18.0 255.255.255.0
access-list NONAT extended permit ip 192.168.0.0 255.255.0.0 172.16.200.0 255.255.255.0
access-list NONAT extended permit ip host 192.168.1.254 host 4.2.2.2
access-list NONAT extended permit ip 10.10.10.0 255.255.255.0 172.16.200.0 255.255.255.0
access-list NONAT extended permit ip 172.16.200.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list NONAT extended permit ip 192.168.1.0 255.255.255.0 172.16.200.0 255.255.255.192
access-list NONAT extended permit ip 192.168.0.0 255.255.224.0 172.16.200.0 255.255.255.192
access-list NONAT extended permit ip 192.168.0.0 255.255.0.0 172.16.200.0 255.255.255.192
access-list NONAT extended permit ip 192.168.0.0 255.255.0.0 A-10.168.0.0 255.255.0.0
access-list NONAT extended permit ip 192.168.0.0 255.255.0.0 10.11.0.0 255.255.0.0

 

access-list NONATDMZ extended permit ip 192.168.23.0 255.255.255.0 172.16.200.0 255.255.255.0
access-list NONATDMZ extended permit ip host 192.168.23.33 193.168.0.0 255.255.0.0
access-list NONATDMZ extended permit ip host 192.168.23.33 172.16.0.0 255.255.0.0

 

nat (inside) 0 access-list NONAT

nat (dmz) 0 access-list NONATDMZ

 

 

Labels:
0 Helpful
1 Reply 1

Dinesh Moudgil
Cisco Employee
Cisco Employee

‎07-22-2015 08:36 PM

Hi Luis Ricardo Qu

Here is a document that you can refer to convert pre 8.3 nat to post 8.3 nat:-
https://supportforums.cisco.com/document/33921/asa-pre-83-83-nat-configuration-examples


Regards,
Dinesh Moudgil

P.S. Please rate helpful posts.

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/
0 Helpful
Customers Also Viewed These Support Documents