nat'ing an external network

Unanswered Question
Aug 2nd, 2010
User Badges:

folks


i'm looking for some advice on a nat issue on a asa 5540 8.2.1


i have a global nat to the outside interface which nats all the trafficfrom the inside to the outside interface address


i now have a requirement to allow the network on my external interface to connect to an internal network and the global nat is causing me issues


is there any way to allow the outside network connected into the inside without translation while a global nat for all traffic exists?


my problem is exercabated by the fact that the external network has another firewall, an old pix, connected to the internet as it default gateway


thanks to anyone taking the time to reply or read this


if it helps i'll gladly attach a network diagram for clarity


thanks again

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Nagaraja Thanthry Mon, 08/02/2010 - 17:18
User Badges:
  • Cisco Employee,

Hello,


If I understand you right, you want the internal network to go to this

particular external network un-natted while for everybody else, you want to

use NAT. You can use either NAT-0 or identity NAT depending upon your

requirement.


NAT-0

Panos Kampanakis Tue, 08/03/2010 - 15:32
User Badges:
  • Cisco Employee,

An example would be


access-list nonat-acl permit ip host (x is the host you don't want to nat for certain destinations).

nat ( 0 access-list nonat-acl


I hope it helps.


PK

Actions

This Discussion