07-22-2015 03:23 PM
Hi everybody, i saw that exists some changes betwen version 8.2 and 9.1 from ASA, how can update tht if I have this configuration that is the most important where i can reach the LAN with my remotes branch routers.
The question is, what i have to do with my "NAT" ?
access-list NONAT extended permit ip 172.16.200.0 255.255.255.0 192.168.23.0 255.255.255.0
access-list NONAT extended permit ip 192.168.23.0 255.255.255.0 172.16.200.0 255.255.255.0
access-list NONAT extended permit ip 192.168.0.0 255.255.0.0 host 172.16.70.50
access-list NONAT extended permit ip 192.168.48.0 255.255.240.0 172.16.94.0 255.255.255.0
access-list NONAT extended permit ip 192.168.64.0 255.255.192.0 172.16.94.0 255.255.255.0
access-list NONAT extended permit ip 192.168.128.0 255.255.128.0 172.16.94.0 255.255.255.0
access-list NONAT extended permit ip 192.168.1.0 255.255.255.0 172.16.94.0 255.255.255.0
access-list NONAT extended permit ip 192.168.0.0 255.255.0.0 192.168.18.0 255.255.255.0
access-list NONAT extended permit ip 192.168.0.0 255.255.0.0 172.16.200.0 255.255.255.0
access-list NONAT extended permit ip host 192.168.1.254 host 4.2.2.2
access-list NONAT extended permit ip 10.10.10.0 255.255.255.0 172.16.200.0 255.255.255.0
access-list NONAT extended permit ip 172.16.200.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list NONAT extended permit ip 192.168.1.0 255.255.255.0 172.16.200.0 255.255.255.192
access-list NONAT extended permit ip 192.168.0.0 255.255.224.0 172.16.200.0 255.255.255.192
access-list NONAT extended permit ip 192.168.0.0 255.255.0.0 172.16.200.0 255.255.255.192
access-list NONAT extended permit ip 192.168.0.0 255.255.0.0 A-10.168.0.0 255.255.0.0
access-list NONAT extended permit ip 192.168.0.0 255.255.0.0 10.11.0.0 255.255.0.0
access-list NONATDMZ extended permit ip 192.168.23.0 255.255.255.0 172.16.200.0 255.255.255.0
access-list NONATDMZ extended permit ip host 192.168.23.33 193.168.0.0 255.255.0.0
access-list NONATDMZ extended permit ip host 192.168.23.33 172.16.0.0 255.255.0.0
nat (inside) 0 access-list NONAT
nat (dmz) 0 access-list NONATDMZ
07-22-2015 08:36 PM
Here is a document that you can refer to convert pre 8.3 nat to post 8.3 nat:-
https://supportforums.cisco.com/document/33921/asa-pre-83-83-nat-configuration-examples
Regards,
Dinesh Moudgil
P.S. Please rate helpful posts.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide