02-15-2016 06:18 AM
Hello Friends
I´m noob with firewall and I create a VPN site-to-site with a customer with the follow informations:
My site:
10.204.x.x/24
10.69.0.0/24
some others
Site customer:
172.30.20.0/24
But the network from my site 10.69.0.0 is internal network of the customer, than they asked me to make a NAT when the network 10.69.0.0 is going to 172.30.20.0 the have to get out with the IP 172.30.100.0.
Anyone knows what can I do to make this configurations works?
Thanks
Solved! Go to Solution.
02-15-2016 09:52 AM
Marcio,
You can use a Static Policy NAT:
object network LAN-10.69.0.0
subnet 10.69.0.0 255.255.x.x
object network obj-172.30.100.0_nat
subnet 172.30.100.0 255.255.255.0
object network obj-172.30.20.0
subnet 172.30.20.0 255.255.255.0
nat (inside,outside) source static LAN-10.69.0.0 obj-172.30.100.0_nat destination static obj-172.30.20.0 obj-172.30.20.0
-JP-
02-15-2016 06:44 AM
Hi Marcio,
The nat is going to depend of the version of ASA that you are using, you can take a look to this guide:
https://supportforums.cisco.com/document/33921/asa-pre-83-83-nat-configuration-examples
-JP-
02-15-2016 09:47 AM
JP,
Thanks for your support, I alredy configured the follow NAT
nat (Internal,Internal) source static LAN-10.69.0.0 LAN-10.69.0.0 destination static NAT_TMF NAT_TMF
Still don´t work and in the log I can´t see any error msg, but I can´t ping the remote host.
02-15-2016 09:52 AM
Marcio,
You can use a Static Policy NAT:
object network LAN-10.69.0.0
subnet 10.69.0.0 255.255.x.x
object network obj-172.30.100.0_nat
subnet 172.30.100.0 255.255.255.0
object network obj-172.30.20.0
subnet 172.30.20.0 255.255.255.0
nat (inside,outside) source static LAN-10.69.0.0 obj-172.30.100.0_nat destination static obj-172.30.20.0 obj-172.30.20.0
-JP-
02-15-2016 10:16 AM
Now, they give me the follow msg:
[WARNING] nat (Internal,Lan1) 3 source static LAN-10.69.0.0 NAT_TMF destination static LAN_Alog LAN_Alog
Pool (172.30.20.0-172.30.20.255) overlap with existing pool.
NAT is apply, but don´t work, I don´t know if is because the overlap or other things.
02-15-2016 12:16 PM
Thanks for all support
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide