Identity Static NAT

Unanswered Question
Nov 5th, 2009

I configured identity static NAT on my ASA specifying a range I.E. "static (inside,outside) netmask and now the outside users cannot connect to inside WEB server which has IP address of Do I need to create one to one entries for each host? Seems like firewall does not create a dedicated translation for inbound connections.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mkharban Thu, 11/05/2009 - 15:12


There is no need for doing one to one nat for all the ip addresses. The configuration statement looks fine to me.

Please check the output of 'show xlate' and find out if the translations are being made for the ip addresses.




This Discussion