PAT/NAT on ASA5520

Unanswered Question
Aug 24th, 2009
User Badges:


I've got a setup where for our outgoing internet connections, all users are PAT'd to 1 outside address. I've got a connection that needs to have multiple people use it, and the requirements from the vendor are that the clients need to have individual IPs for each connection. So, what I'm going to ask is: Is it possible to PAT and have an ACL for sites that users will be going to that will have a NAT pool to assign from for those addresses on an ASA5520? I am not able to identify the users because there are many, so was thinking this would be the easiest way to do it.

Any help would be greatly appreciated!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Mon, 08/24/2009 - 12:26
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


Assuming client subnet is and destination subnet is and the NAT pool is

Internet PAT

nat (inside) 1

global (outside) 1 interface

or something along those lines ie. you will already have something like this in your config.

Policy NAT for this additional connection

access-list PNAT permit ip

nat (inside) 2 access-list PNAT

global (outside) 2



This Discussion