Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

asa 5505 ip address/subnet confilct warning

Posted on 2008-06-14
5
274 Views
Last Modified: 2010-04-09
I set my inside interface to the address of 10.0.0.1 255.255.255.0 (this was preconfigured on the old firewall).  When creating the nat (inside) 1 10.0.0.1 255.255.255.0 rule I originally entered '1' at the end of 10.0.0.1.  After I entered in the rule it gave me a warning stating that the IP address and the subnet has a conflit...  Now when I do a 'show run'  I see 'nat (inside) 1 10.0.0.0 255.255.255.0'.  The '1' was replaced with a '0'.  Will this still work?  I know why it did this, however, I'm trying to void re addressing the site...  
0
Comment
Question by:gopher_49
  • 2
  • 2
5 Comments
 
LVL 7

Accepted Solution

by:
naughton earned 250 total points
ID: 21787104
a .1 is invlaid with a 255.255.255.0 subnet -

the Nat command is looking for the network address of the subnet specified i.e. 10.0.0.0 vs 10.0.0.1

it will still work - and the nat command will NAT all traffic int eh 10.0.0.0 /24 subnet.
0
 

Author Comment

by:gopher_49
ID: 21788695
great.  I'll test later this after noon.  I'll get back with you shortly.
0
 
LVL 6

Assisted Solution

by:raptorjb007
raptorjb007 earned 250 total points
ID: 21794327
Naughton is correct, When using the Nat command you need to specify the subnet you want to nat rather than a specific IP.

The following is the correct statement for your listed config.

nat (inside) 1 10.0.0.0 255.255.255.0
0
 
LVL 7

Expert Comment

by:naughton
ID: 21866005
hey gopher_49

how'd you go?
0
 
LVL 6

Expert Comment

by:raptorjb007
ID: 21884322
Any luck?
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Setup another VLAN on Fortigate 3 30
Boosting Power of a Cisco Access Point 8 61
Cisco IPSec VPN Connection with Mac only sees Public folder 19 31
ASA 5505 packet drops 14 43
This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question