Sunday, May 15, 2011

Dynamic NAT configuration on ASA 55XX

Configure using 8.0 ASA
ciscoasa(config)# nat (inside) 1 192.168.2.0 255.255.255.0
ciscoasa(config)# global (outside) 1 10.2.2.1-10.2.2.10 netmask 255.255.255.0

additional note: Running PAT
ciscoasa(config)# nat (inside) 1 0.0.0.0 0.0.0.0
ciscoasa(config)# global (outside) 1 interface

Configure using 8.3 ASA
ciscoasa(config)# object network MyOutsideRangePool
ciscoasa(config-network-object)# range 10.2.2.1 10.2.2.10

ciscoasa(config)# object network MyInsideNetwork
ciscoasa(config-network-object)# subnet 192.168.2.0 255.255.255.0
ciscoasa(config-network-object)# nat (inside,outside) dynamic MyOutsideRangePool  

Additional example of Dynamic NAT of 2 internal networks
Configure using 8.0 ASA
ciscoasa(config)# nat (inside) 1 192.168.2.0 255.255.255.0
ciscoasa(config)# nat (inside2 192.168.3.0 255.255.255.0
ciscoasa(config)# global (outside) 1 10.2.2.1-10.2.2.10 netmask 255.255.255.0
ciscoasa(config)# global (outside2 10.2.2.11-10.2.2.20 netmask 255.255.255.0

Configure using 8.3 ASA
ciscoasa(config)# object network MyOutsideRangePool_1
ciscoasa(config-network-object)# range 10.2.2.1 10.2.2.10

ciscoasa(config)# object network MyInsideNetwork_1
ciscoasa(config-network-object)# subnet 192.168.2.0 255.255.255.0
ciscoasa(config-network-object)# nat (inside,outside) dynamic MyOutsideRangePool_1 
ciscoasa(config)# object network MyInsideNetwork_2
ciscoasa(config-network-object)# subnet 192.168.3.0 255.255.255.0
ciscoasa(config-network-object)# nat (inside,outside) dynamic MyOutsideRangePool_2 
ciscoasa(config)# object network MyOutsideRangePool_2
ciscoasa(config-network-object)# range 10.2.2.11 10.2.2.20
Posted by at
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)