Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Cisco ASA virtual NAT

Hi ,

I have a question about ASA which i happen to come across

Is it not possible to NAT with logical IP addresses or IP addresses for which physical interfaces are not configred on the ASA.If not then how can i NAT for multiple IP pools of my ISP for which physical interface does not exist on my firewall

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: Cisco ASA virtual NAT

As long as you upstream router(s) route

down these IP pools to the ASA, this will

work just fine.

Let say your "outside" interface is

1.1.1.1/24 but you want to static NAT

129.174.1.0/24 to 192.168.1.0/24 on the ASA:

on the upstream router:

ip route 129.174.1.0 255.255.255.0 1.1.1.1

on the ASA:

static (i,o) 129.174.1.0 192.168.1.0 /24

Easy right?

2 REPLIES
Silver

Re: Cisco ASA virtual NAT

As long as you upstream router(s) route

down these IP pools to the ASA, this will

work just fine.

Let say your "outside" interface is

1.1.1.1/24 but you want to static NAT

129.174.1.0/24 to 192.168.1.0/24 on the ASA:

on the upstream router:

ip route 129.174.1.0 255.255.255.0 1.1.1.1

on the ASA:

static (i,o) 129.174.1.0 192.168.1.0 /24

Easy right?

Community Member

Re: Cisco ASA virtual NAT

thanx that was very useful information

163
Views
0
Helpful
2
Replies
CreatePlease to create content