NAT confusion regarding cisco ASA5510

Posted by LonelyLonelyNetworkN00b on Server Fault See other posts from Server Fault or by LonelyLonelyNetworkN00b
Published on 2011-11-16T09:48:17Z Indexed on 2011/11/16 9:59 UTC
Read the original article Hit count: 340

Filed under:
|
|

I'm setting up my first cisco firewalls. A little information first:I have two asa5510 setup in a working active/standby pair.

From my ISP i have two public subnets. A /29 and a /26. On my DMZ interface i have the /26 configured. On my WAN Interface i have configured the /29 IPs. My isp routes the /26 via the /29 primary IP.

I'm running ASA 8.2.

I've turned NAT-Control off, because i don't want to use nat for for other than some internal interfaces. In essence i don't want to use NAT unless i specify it.

I have a internal interface with the network of 192.168.100.0/24. I've tried setting up nat limke this:

nat (inside) 1 192.168.100.0 255.255.255.0 
global (WAN) 1 interface  

I was under the impression that this would let connections that was going from 192.168.100.0/24 and out the WAN interface to be Port-Address-translated. I'm not getting this to work for some reason.

Inside interface has security level of 100, and wan has security level of 0.

© Server Fault or respective owner

Related posts about nat

Related posts about cisco-asa