[AusNOG] Cisco ASA question
Alex Samad - Yieldbroker
Alex.Samad at yieldbroker.com
Thu Apr 3 14:25:46 EST 2014
Hi
I have a Cisco ASA question for the list.
I have a 5520 (cluster)
int Internet
int internal
on the internet I have my dGW to the internet, I also have my own class c, lets say 1.2.3.0/24
I have a few object nat's defined for 1.2.3.x/24
I am going to start moving the NAT function away from the ASA.
I have a router inside my network with 1.2.3.129/32 on a look back interface and its advertised internally via OSPF. It can be seen on the ASA
>From my reading I believe I can get the ASA to forward and not nat for .129 if I use Identity NAT
But I can't find any examples for mixed Object NAT and identity NAT
And I am not sure the identity NAT will respond to ARP on the internet interface
And I presume I have to add the right permit.
I asked at the cisco forums, but the only person to respond said I couldn't do the /32 trick ...
So I am come to the list
Thanks in advance
Alex
More information about the AusNOG
mailing list