When traffic from the inside goes to the outside, we will translate it to the public pool that we created earlier. The network object called “INTERNAL” specifies the subnet that we want to translate (the entire 192.168.1.0 /24) subnet and also has the NAT rule. The next step is to configure a network object for the hosts that we want to translate: ASA1(config)# object network INTERNALĪSA1(config-network-object)# subnet 192.168.1.0 255.255.255.0ĪSA1(config-network-object)# nat (INSIDE,OUTSIDE) dynamic PUBLIC_POOL First we will configure a network object that defines the pool with public IP addresses that we want to use for translation: ASA1(config)# object network PUBLIC_POOLĪSA1(config-network-object)# range 192.168.2.100 192.168.2.200Īs an example I’ll use the 192.168.2.100 – 200 range from the 192.168.2.0 /24 subnet that we use on the outside interface. The following example is for ASA 8.3 and later.
Now we can focus on configuring dynamic NAT… Dynamic NAT Configuration I’m using routers so that I have something to connect to. In the middle we have our ASA, its E0/0 interface belongs to the inside and the e0/1 interface belongs to the outside. Having said that, let’s take a look at dynamic NAT on the ASA.
If you are unsure of how NAT/PAT exactly works then I recommend to read my Introduction to NAT/PAT first.
#FIREWALL CONFIGURATION ASA 5505 CISCO PACKET TRACER HOW TO#
In this lesson I will explain how to configure dynamic NAT. Just like the Cisco IOS routers we can configure NAT / PAT on our Cisco ASA firewall.
0 kommentar(er)
