Home
Certification Preparation
Cisco
CCNP
CCNP Security
ASA & NAT Out of the box
Netstudent
A brand new ASA with an up to date image comes out of the box with these statements for nat
Nat(inside) 1 0.0.0.0 0.0.0.0
In the ASDM it reads Dynamic NAT, source=any destination=any, translated interface=outside, address=outside.
So will this automatically NAT anything you configure on the inside vlan?
I ask because I am having HELL with getting an ASA to work over a bridged DSL connection.
Find more posts tagged with
Comments
Ahriakin
The default is to PAT all inside with the IP of the outside interface. So your global should be something like global (outside) 1 interface . If you are using DHCP for the outside interface to accept the bridged IP make sure you used the setroute addition to the IP command to let it get the Default gateway from the DSL box also e.g. IP ADDRESS DHCP SETROUTE under the interface/vlan interface you are using on the outside.
Netstudent
Hey thanks for the tips. Each of the DSL sites that are going live were given a single static IP address. I put that IP address on the outside VLAN. I think the reason I have experienced difficulty is because various service providers use a different DSL modem.
Ahriakin
I know, DSL is a pain in the ass compared to using cable for this type of thing. Each vendor handles bridging a different way. The last one I set on monday basically didn't use bridging if you wanted to keep the PPOE info. on the modem (Which I prefer so that if we change ISPs I don't have to reconfigure the firewall) you assigned the Static IPs as it's DHCP scope, the one I did previously was a standard bridge config. where you configured the ASA as a DHCP client and then set it to directly bridge the IP to it.
Fun fun fun.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
