Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

To NAT, or not to NAT

Hi,

I cant get my head around the following.

I have an ASA which has a public IP on its outside interface.

This IP is one of 6 from a public subnet.

This IP is used to translate the inside hosts to when accessing the Internet.

When I add a static NAT for the same outside IP (for the mailserver), this doesnt, work.

When I use a free IP from the public subnet its works perfectly.

I think I should be able to use the same address to do both.

Any ideas?

Best regards.

2 REPLIES

Re: To NAT, or not to NAT

Hi,

The mail server needs static NATing, in order to communicate with the outside world, it can't be dynamically NATed using the dynamic NAT pool of your LAN.

HTH,

Mohammed Mahmoud.

Green

Re: To NAT, or not to NAT

When using the outside ip address of the asa in your static, you must use the interface keyword like this...

static (inside,outside) tcp interface smtp 192.168.x.x smtp netmask 255.255.255.255

or

static (inside,outside) interface 192.168.x.x netmask 255.255.255.255

181
Views
0
Helpful
2
Replies
CreatePlease login to create content