1. Home
  2. Cisco Systems
  3. Can an ASA 5520 NATed with down stream Network IP Addresses?

Can an ASA 5520 NATed with down stream Network IP Addresses?

Hello there,

Can an ASA 5520 NATed with down stream Network IP Addresses?

Here is propose network Diagram:

Internet (ISP) | Cisco Router (207.78.3.1) 207.78.3.X block | Cisco 2960 Switch

|

ASA 5520 (Outside 209.78.3.2) inside 192.168.1.1

| 192.168.1.X

Cisco 2960 Switch

| 192.168.1.X Cisco Router 192.168.1.2

| 192.168.2.X

Cisco Router

| 10.10.10.X

on ASA 5520 Config, Can I static NAT 207.78,3.X with 10.10.10.X ?

nat (inside) 1 0.0.0.0 0.0.0.0 0 0 static (inside,outside) 207.78.3.34 10.10.10.34 netmask

255.255.255.255 0 0 route outside 0.0.0.0 0.0.0.0 207.78.3.1 1 route inside 10.10.10.0 255.255.255.0 192.168.1.2 1
Reply to
UBEST
Loading thread data ...

It looks good, but you must be having same route in internal switch and router as well.

Reply to
CK

I usually don't enable routing in switch, will it be OK? Can anyone double confirm this NAT settings?

thanks so much.

Reply to
UBEST

Go for it,

The ASA doesn't care if the inside address you want to NAT is directly connected or x hops away .

Reply to
mcaissie

Reply to
UBEST

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.