Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Static NAT for whole subnets

Status
Not open for further replies.
Oct 22, 2001
431
US
All,
We're looking at implementing a substantial number of 1-to-1 static NATs on our ASA 5510, a range of public IPs NATed back to a range of privately-addressed hosts. The catch is, we cannot use dynamic pools because 50.50.1.1 has to translate to 10.10.1.1, 50.50.1.2 <-> 10.10.1.2, etc, every time, and there's enough IPs involved to make one config line per IP impractical. I've looked around both in this forum and elsewhere on the internet and haven't found a solid solution; is anyone familiar with the cabability (and if so, syntax) of the ASA to do a "subnet-to-subnet" static NAT?

CompTIA: A+ (WfW 3.11), Network+
Microsoft: MCSE+I (NT4)
Novell: CNE (4.11, 5.0)
Citrix: CCA (Metaframe 1.0)
Cisco: CCNA (current)
Working on MS 70-642 then CCNP...
 
What version of ASA? I beleive this is possible with the newest code that uses new and confusing nat commands. :)
 
I found the solution, it's obvious in retrospect. A 'normal' one-to-one static NAT config line is as follows:

static (inside,outside) 197.92.76.1 10.0.0.1 netmask 255.255.255.255

Result is:
197.92.76.1 <--> 10.0.0.1

But if you HAVE to specify the netmask, then what happens when you adjust the netmask?

static (inside,outside) 197.92.76.0 10.0.0.0 netmask 255.255.255.0

This one-to-one's the entire /24:
197.92.76.0 <--> 10.0.0.0
197.92.76.1 <--> 10.0.0.1
197.92.76.2 <--> 10.0.0.2
197.92.76.3 <--> 10.0.0.3
...
197.92.76.255 <--> 10.0.0.255

CompTIA: A+ (WfW 3.11), Network+
Microsoft: MCSE+I (NT4)
Novell: CNE (4.11, 5.0)
Citrix: CCA (Metaframe 1.0)
Cisco: CCNA (current)
Working on MS 70-642 then CCNP...
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top