Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5520 using static and nat networks?

Hello,

We migrated from a pix 515R using a outside and inside interfaces. The old pix has a static ip for the inside interface so we use all the class c ip's on the inside.

We are now migrating to a ASA 5520 but now with the following interfaces. outside, inside, dmz

We would like to have the dmz network as a static class C addresses of our old network and create another inside interface with private ip's i.e. 192.168.233.*

We have the config setup as follows, how can I make the 192.168.233.* to be nat'd?

static (DMZ,outside) 167.176.233.0 167.176.233.0 netmask 255.255.255.0

access-group outside_access_in in interface outside per-user-override

route outside 0.0.0.0 0.0.0.0 204.90.77.233 1

PS: We have a /254 for our router inside and pix outside interfaces. And the whole class C for our DMZ

Thanks for the help.

Jeff

2 REPLIES
Bronze

Re: ASA 5520 using static and nat networks?

ip address inside 192.168.233.1 255.255.255.0

nat (inside) 1 192.168.233.0 255.255.255.0

(or "nat (inside) 1 0.0.0.0 0.0.0.0")

global (outside) 1 interface

This will PAT all inside IP addresses to the outside interface IP address.

New Member

Re: ASA 5520 using static and nat networks?

Thanks.. I will try it out tomorrow when I get back at work. Btw, this shouldn't interfere with the static on the DMZ right? Do I also need to do the following so that my DMZ and inside will talk to each other?

static(DMZ,inside) 192.168.233.0 192.168.233.0 255.255.255.0 0 0 ?

Thanks

Jeff

105
Views
0
Helpful
2
Replies
CreatePlease login to create content