06-12-2008 12:02 AM - edited 03-11-2019 05:58 AM
We are going to replace an old Linux based firewall with a Cisco ASA 5505. On the outside interface we have a 255.255.255.252 subnet (1 available address) and we have a DMZ zone with a 255.255.255.240 subnet (with official IP addresses) Usually we translate public addresses on the outside interface to private adresses in DMZ with the static command but in this case there are no address translation from outside to the DMZ. We want to do the same thing with the new firewall. Between the outside interface and the inside interface we will be using NAT/PAT. This solution work's fine with the old firewall but how can we do the same with Cisco ASA 5505? (With static or NAT exemption or something else) The person who installed the old solution can't be found.
06-12-2008 02:21 AM
Easiest thing to do is just a static translation ie.
static (DMZ,outside) 195.167.10.0 195.167.10.0 netmask 255.255.255.240
Jon
06-14-2008 06:38 AM
Thanks! We have not tested it yet but i'm pretty sure this will work.
06-14-2008 07:25 PM
Yup Jon is rite. Just shot it :)
Regards
- Afan
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: