DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Enjoy Enclusive Offer for All IT Exam Dumps Now! Order Now

Comparison of the ASA NAT8.3

  •     Spoto
  • |
  •   Posted on: 2019-06-04
  • |
  •   Views: 810
  • |
  •   Category:
  • CISCO News

Comparison of the ASA NAT8.3

The comparison of the following commands is summarized by an engineer on the Internet. The personal feelings are summed up well. The special records are as follows and some examples are given. After the ASA configuration 8.3 is mainly the biggest change in NAT, basically restart. It mainly means to define an object first and then call the object. Obviously, this is to learn from other manufacturers. It also shows that Cisco is not self-sufficient and is constantly learning and improving. However, I think it is hard to understand after 8.3NAT.


Of course, this is  personal idea so you have to relearn the configuration. I remember that when I was configuring it, it took me half a year to understand the meaning of these NATs. In the configuration or often in the project configuration error that I also cannot find the reason. I suggest you guys can slowly try in the project. It is possible to really understand the following commands.



The above configuration is the most commonly used one-to-one static mapping, mainly to do some mapping to the server, so that the external network can access, it is obvious that the mapping does not call the currently defined parameters, so far, still do not understand the reason. The second mapping is port mapping. This is very common and is the most used in the project. The client has only one public network address, but needs to do different services for different servers, so it is distinguished by port. Note that the complete configuration also has the following commands, which need to be released and applied to the interface.


object network 192.168.1.1

 host 192.168.1.1

nat (inside1,outside) static interface service tcp 80 80

  nat (inside1,outside) static interface service tcp 443 443 access-list 101 extended permit tcp any host 192.168.1.1 eq 80

access-list 101 extended permit tcp any host 192.168.1.1 eq 443

access-group 101 in interface outside 




 

The most commonly used of the above configurations is PAT.

object network inside1

 subnet 192.168.1.0 255.255.255.0

 nat (inside1,outside) dynamic interface

 object network inside0 subnet 192.168.0.0 255.255.255.0

 nat (inside0,outside) dynamic interface

 route outside 0.0.0.0 0.0.0.0 18.12.18.13

Note: The above configuration is the PAT conversion of multiple internal network ports.

 you can visit  SPOTO CLUB to get more details

 

 

More you may be interested:

[exclusive]Cisco Certification Exam latest practice tests.

Conclusion of CISCO ASA configuration SSL VPN steps in SPOTO CCIE

Summary of two Cisco S4500 switch configurations

 

Comments:

Start the discussion...


To Leave a Comment or reply to posts please log in