Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

ASA 1

Status
Not open for further replies.
vtgman

vtgman

IS-IT--Management
Sep 30, 2004
46
US
I would like to nat 3 internal addresses to 1 external. Is this possible and can someone point in the right direction on how to do it?

Thanks,
Jeff
 
Sort by date Sort by votes
access-list policy_nat permit permit ip host <ipaddress1> any
access-list policy_nat permit permit ip host <ipaddress2> any
access-list policy_nat permit permit ip host <ipaddress3> any

global (outside) 15 <publicIP>
nat (inside) 15 access-list policy_nat
 
Upvote 0 Downvote
sorry..

access-list policy_nat permit ip host <ipaddress1> any
access-list policy_nat permit ip host <ipaddress2> any
access-list policy_nat permit ip host <ipaddress3> any
 
Upvote 0 Downvote
Does it matter if I already have a
global (outside) <publicIP>?

Thanks,
Jeff
 
Upvote 0 Downvote
no problem as long as the NAT ID's don't clash
global (outside) <x>
 
Upvote 0 Downvote
Hello again. Having issues - please see below this is what I need to do:

For each of the 3 internal IP addresses I need to show ports
5631-5634, 1580-81, & 8081 - internal 1
5635-5638, 1582-83, & 8082 - internal 2
5639-5642, 1584-85, & 8083 - internal 3

and then map to one external ip address.

I hope this helps and clarifies things.
 
Upvote 0 Downvote
Static (inside,outside) tcp public.ip 5631 private.ip.1 5631
Static (inside,outside) tcp public.ip 5632 private.ip.1 5632
Static (inside,outside) tcp public.ip 5633 private.ip.1 5633
Static (inside,outside) tcp public.ip 5634 private.ip.1 5634
Static (inside,outside) tcp public.ip 1580 private.ip.1 1580
Static (inside,outside) tcp public.ip 1581 private.ip.1 1581

Static (inside,outside) tcp public.ip 5635 private.ip.2 5635
Static (inside,outside) tcp public.ip 5636 private.ip.2 5636
Static (inside,outside) tcp public.ip 5637 private.ip.2 5637
Static (inside,outside) tcp public.ip 5638 private.ip.2 5638
Static (inside,outside) tcp public.ip 1582 private.ip.2 1582
Static (inside,outside) tcp public.ip 1583 private.ip.2 1583

Static (inside,outside) tcp public.ip 5639 private.ip.3 5639
Static (inside,outside) tcp public.ip 5640 private.ip.3 5640
Static (inside,outside) tcp public.ip 5641 private.ip.3 5641
Static (inside,outside) tcp public.ip 5642 private.ip.3 5642
Static (inside,outside) tcp public.ip 1584 private.ip.3 1584
Static (inside,outside) tcp public.ip 1585 private.ip.3 1585

Access-list outside_inbound_access permit tcp any host public.ip range 5631 5642
Access-list outside_inbound_access permit tcp any host public.ip range 1580 1585
Access-list outside_inbound_access permit tcp any host public.ip range 8081 8083

Access-group outside_inbound_access in interface outside


This assumes TCP as the protocol, outside interface name = outside

Hope this helps.
 
Upvote 0 Downvote
Also. By omitting the netmask command it will assume 32-bits, otherwise after defining the port number you could use netmask 255.255.255.255
 
Upvote 0 Downvote
Thanks a bunch worked perfectly.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
297
intel233
intel233
gkreg
  • Locked
  • Question
asa 5500-x url filtering
Replies
0
Views
200
gkreg
gkreg
intel233
  • Locked
  • Question
Cisco ASA 5510 -Static NAT Help
Replies
8
Views
325
intel233
intel233
AllenH12
  • Locked
  • Question
Bandwidth in Cisco ASA 5505
Replies
2
Views
203
AllenH12
AllenH12
WhosYourDiffie
  • Locked
  • Question
Cisco ASA 5506 VPN for Avaya Phones
Replies
0
Views
88
WhosYourDiffie
WhosYourDiffie

Part and Inventory Search

Sponsor

Back
Top