Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

nat'ing an external network

folks

i'm looking for some advice on a nat issue on a asa 5540 8.2.1

i have a global nat to the outside interface which nats all the trafficfrom the inside to the outside interface address

i now have a requirement to allow the network on my external interface to connect to an internal network and the global nat is causing me issues

is there any way to allow the outside network connected into the inside without translation while a global nat for all traffic exists?

my problem is exercabated by the fact that the external network has another firewall, an old pix, connected to the internet as it default gateway

thanks to anyone taking the time to reply or read this

if it helps i'll gladly attach a network diagram for clarity

thanks again

2 REPLIES
Cisco Employee

Re: nat'ing an external network

Hello,

If I understand you right, you want the internal network to go to this

particular external network un-natted while for everybody else, you want to

use NAT. You can use either NAT-0 or identity NAT depending upon your

requirement.

NAT-0

Cisco Employee

Re: nat'ing an external network

An example would be

access-list nonat-acl permit ip host (x is the host you don't want to nat for certain destinations).

nat ( 0 access-list nonat-acl

I hope it helps.

PK

188
Views
0
Helpful
2
Replies
CreatePlease to create content