Cisco ASA Series 2: Configuring NAT
Cisco ASA Series 2: Configuring NAT
Address translation replaces a packet's actual address with a mapped address that can be routed through the destination network. The two steps that make up NAT are the procedure to translate a real address into a mapped address and the procedure to reverse translation for returning traffic.
Start by clicking the Configure button, and then clicking the NAT button
Fig 1.1- ASDM |
You will see the default NAT rule on the screen.
We will want to add an entry for the Inside VLAN. Click the default NAT rule, and then click the Edit button.
Fig 1.2- ASDM |
Now click Apply at the bottom of the ASDM screen.
Click Tools > Command Line, and enter the command show run to see what changes you have made.
You should notice that we have successfully created one half of the NAT translation configuration by identifying the Inside VLAN’s addresses. Now we need to identify the Outside Global addresses.
You should notice that we have successfully created one half of the NAT translation configuration by identifying the Inside VLAN’s addresses. Now we need to identify the Outside Global addresses.
Go back to the NAT rule you just created. Click the Edit button.
Under Dynamic Translation, select the Outside interface and click Edit. This will bring up a new window where you can edit the translation rules.
Fig 1.3- ASDM |
Enter the global IP address Range. In the Lab, we will be using 192.168.10.2 – 192.168.10.10 with a subnet mask of 255.255.255.0.
When you are done, click the Add button.
Remove the generic Outside interface address pool by highlighting it, and selecting the Delete option.
When you are done, click Apply.
If you go back to Tools > Command Line and execute the show run command, you will now see the complete NAT configuration.