Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Static natting in ASA

Hi,

Am replacing the Pix 515E firewall with a ASA 5515 firewall. When givingthe below commands:

nat-control

global (dmz) 1 interface

nat (inside) 1 10.1.11.0 255.255.255.0

static (inside,dmz) 172.19.176.91 10.1.11.41 netmask 255.255.255.255

static (inside,dmz) 172.19.176.72 10.1.11.8 netmask 255.255.255.255

static (inside,dmz) 172.19.176.73 10.1.11.9 netmask 255.255.255.255

It displays error:

ERROR: This syntax of nat command has been deprecated.

Please refer to "help nat" command for more details.

Suggest how to enable Nat for the above. Thanks in advance.

Regards,

Ravic.

2 REPLIES
New Member

Static natting in ASA

Forgot to mention ASA holds Cisco Adaptive Security Appliance Software Version 8.6(1)2.

VIP Green

Static natting in ASA

The NAT configuration is changed as of version 8.3 and is based on group objectes.

here is a good overview of the differences between pre 8.3 and post 8.3

https://supportforums.cisco.com/docs/DOC-9129

To get your NAT config working you would need to enter the following commands, feel free to change the object group names

object network LAN

  subnet 10.1.11.0 255.255.255.0

  nat (inside,dmz) dynamic interface

object network SERVER1

  host 10.1.11.41

  nat (inside,dmz) static 172.19.176.91

object network SERVER2

  host 10.1.11.8

  nat (inside,dmz) static 172.19.176.72

object network SERVER3

  host 10.1.11.9

  nat (inside,dmz) static 172.19.176.73

--
Please remember to rate and select a correct answer

--

Please remember to rate and select a correct answer
155
Views
0
Helpful
2
Replies
CreatePlease to create content