My customer is doing static IPs but is running out of available IP addresses. He wants to utilize a FWSM in a C6513 that is not being used and configure it for NAT to allow more IP addresses - but doesn't want to change his other static IPs. Can they run at the same time? I've only been in enviroments that used NAT exclusively. Will it work if one of his static IPs was placed on the FWSM outside interface to provide more IP addresses?
He would like to use the NAT feature of the FWSM to create more ip addresses. One IP on the outside is translated into a range of IP adddresses on the inside.
My customer gave me one of the last IP addresses he has, which is 188.8.131.52, and wants me to place in on the external interface. He wants that one IP address to translate to a range of IP addresses on the inside (192.168.1.1 to 192.168.1.254 with a Class C subnet). Yet, he is hoping that the other static IPs in the 184.108.40.206 range don't need to be static changed. Since the FWSM is a module, there are no physical interfaces so it uses VLANs. If the outside VLAN is VLAN 5 and the inside VLAN is VLAN 55, will NAT be available on a workstation connected to a port that is on VLAN 55?
Sincere apologies for not responding. Sometimes due to pressures of work etc. i lose track of a thread. If this is still a problem i would be more than happy to try and sort this out with you.
I'm still a little unclear as to what you are asking. Yes you can use a single IP address on the outside interface of the FWSM and NAT all the clients on the inside interface to that IP address. What you cannot do with this setup is initiate connections from outside to a client on vlan 55 because there is not static translation set up. But it works fine if the clients on vlan 55 initiate the connection.
Does this answer your question ?
Once again apologies, these forums are usually very helpful.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...