Solved: hi karthik,thanks for

johnlloyd_13 · ‎06-12-2014

hi,

i've plan to get an internet edge 2911 router that routes public ip space between 2x internal ASAs.

one asa is a regular 5510 ver 8.2 and the other is our new context-based 5525-x ver 8.6.

my question is, who does NAT here is it the ASA or router (with ASA bypass NAT'ng)?

see visio attached in what i'm trying to achieve here.

nkarthikeyan · ‎06-12-2014

Hi John,

When you have the public IP segment directed configured on the ASA outside interface. You can have the NAT/PAT done there in the ASA itself and all you need is to have a static route for the respective segments of ASA's in the gateway router to reach the respective zones. You can have the Gateway router to just do the routing with ISP.

Hope this helps.

Regards

Karthik

View solution in original post

nkarthikeyan · ‎06-12-2014

Hi John,

When you have the public IP segment directed configured on the ASA outside interface. You can have the NAT/PAT done there in the ASA itself and all you need is to have a static route for the respective segments of ASA's in the gateway router to reach the respective zones. You can have the Gateway router to just do the routing with ISP.

Hope this helps.

Regards

Karthik

johnlloyd_13 · ‎06-13-2014

hi karthik,

thanks for confirming my thoughts!

NAT behind an Internet router