nat (inside) command

veena_kompal · ‎12-04-2008

Hi there..am trying to configure the nat (inside) 1 interface command but it gives me an error..

thanks

Jon Marshall · ‎12-04-2008

Veena

Which device is this on and what is the exact command you are typing in ?

nat (inside) 1 interface

is not a valid command.

global (outside) 1 interface and

global (inside) 1 interface

are valid commands.

Can you tell us exactly what you want to achieve and we can hopefully supply the correct commands.

Jon

veena_kompal · ‎12-04-2008

Hi Jon,

we have got two network connected on each of the interface inside (10.4.32.0) and outside (192.168.29.0) on the firewall and the default gateway is 10.4.32.254(router on the network).

From this router, there is a route to reach the firewall

ip route 192.168.29.0 via 10.4.32.250 (which is the ip of the ASA)

The problem is:

I am able to reach the network 10.4.32.0 from the router but unable to ping the interface 192.168.29.x ..

please find the config of the firewall attached....

Jon Marshall · ‎12-04-2008

Veena

Do you want to NAT the source addresses of 10.4.32.x as they go through the ASA ?. If so

nat (inside) 1 10.4.32.0 255.255.255.0

If you don't want to NAT them

nat (inside) 0 10.4.32.0 255.255.255.0

When you ping from the router make sure it is using a 10.4.32.x source address.

Also i'm assuming from your acls that you are ping 192.168.20.63 ? Don't test connectivity by trying to ping the outside interface address of the ASA - this won't work.

Jon