NAT confusion regarding cisco ASA5510
Posted
by
LonelyLonelyNetworkN00b
on Server Fault
See other posts from Server Fault
or by LonelyLonelyNetworkN00b
Published on 2011-11-16T09:48:17Z
Indexed on
2011/11/16
9:59 UTC
Read the original article
Hit count: 340
I'm setting up my first cisco firewalls. A little information first:I have two asa5510 setup in a working active/standby pair.
From my ISP i have two public subnets. A /29 and a /26. On my DMZ interface i have the /26 configured. On my WAN Interface i have configured the /29 IPs. My isp routes the /26 via the /29 primary IP.
I'm running ASA 8.2.
I've turned NAT-Control off, because i don't want to use nat for for other than some internal interfaces. In essence i don't want to use NAT unless i specify it.
I have a internal interface with the network of 192.168.100.0/24. I've tried setting up nat limke this:
nat (inside) 1 192.168.100.0 255.255.255.0
global (WAN) 1 interface
I was under the impression that this would let connections that was going from 192.168.100.0/24 and out the WAN interface to be Port-Address-translated. I'm not getting this to work for some reason.
Inside interface has security level of 100, and wan has security level of 0.
© Server Fault or respective owner