Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAtting Issue

Hi,

I have a L3 swith where user vlan is created & the natting is done in ASA.

In ASA:

========

nat (inside) 1 10.10.11.0 255.255.255.0

global (outside) 1 210.212.10.x 210.212.10.20 netmask 255.255.255.240

route outside 0 0 x.x.x.y (router interface connected with asa)

route inside 10.10.11.0 255.255.255.0 10.10.20.2 (switch interface ip connecte switch asa inside)

========================================

End users are assigned static IP. I don't have internal DNS server. Whenever users want to access internet they need to authenticate in a website which is hosted in internet using username & password & after successful authentication he can access internet. So a public ip is assigned against the ende user from the public ip pool. Is there any way to achieve this using wasting public IP?

Customer is not going for internal DNS...

Please suggest.

1 REPLY

Re: NAtting Issue

Hi,

For the Public IP issue, what you can do is do PAT instead of using the Public IP pool.

Do this

no global (outside) 1 210.212.10.x 210.212.10.20 netmask 255.255.255.240

global (outside) 1 210.212.10.20

Now, all the inside clients will be using only a single IP , i.e, 210.212.10.20

--------------------

For the DNS , you can ask the customer to use the free DNS service from OpenDNS.

Put these IP'sas primary and Secondary DNS on thw clients.

208.67.222.222

208.67.220.220

Hope this helps.

163
Views
0
Helpful
1
Replies
CreatePlease login to create content