Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
You may experience some slow load times, errors, and slight inconsistencies. We ask for your patience as we finalize the launch. Thank you.

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA Firewall NAT public IP address no NAT

Is this possible - ASA5512-X

 

Outside Address /27  Public - Inside Address Private /24

 

I have basic NAT configured but would like to apply a public IP to an "inside" address with no-NAT. Now I have managed this before by splitting the /27 and creating a /28 routed VLAN network using half the public IPs - but it wastes addresses.

On the old 8.x software you could configure allow addresses to pass without translation.  Is this possible now?

 

  • Firewalling
1 REPLY

Not exactly sure what you

Not exactly sure what your question is but it appears to me you are looking for NoNAT configuration for post 8.2 version of Cisco ASA, if so then here's what you need :

Let's say :

internal subnet : 10.10.10.0/24

External Subnet : 198.41.41.0/24

now you want 10.10.10.0/24 to go to 198.41.41.0/24 untranslated and avoid the dynamic Pat :

object network OBJ-10.10.10.0

 subnet 10.10.10.0 255.255.255.0

object network OBJ-198.41.41.0

 subnet 198.41.41.0 255.255.255.0

 

nat (inside,outside) source static OBJ-10.10.10.0 OBJ-10.10.10.0  destination static OBJ-198.41.41.0 OBJ-198.41.41.0

 

Hope I understood your request correctly.

Thanks

Manish

272
Views
0
Helpful
1
Replies