We help IT Professionals succeed at work.


mcbritt used Ask the Experts™
OK here I go again,  I have a cable modem is plugged into the asa5510.  The server is connected to a wireless router and the asa5510 is connected to the same router.  The server is passing out dhcp.  The server's nic is configured with static ip. The router has dhcp disabled.  I get no access to internet.  I configured the ASA with the external IP address on the "outside" setting and the Internal IP on the "inside" setting.  I'm not sure about the NAT and PAT settings and wonder if they are possibly configured wrong.  Help
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Try this:

nat (inside) 1 0 0
global (outside) 1 interface


Ok, sorry, but a little confused.  So the NAT setting on the ASA for port 1 (inside) should be 1 0 0 (what does that mean?) and the Global (outside) port 0 should be on the 1 interface?  I thought the modem needed to be connected to the Port 0 on the ASA and then any of the other connections, 1-3, connected to a switch, hub, or router?  I'm new to NAT and PAT so I'm trying to understand it a little better.  Here is how I connected the ASA at this point.
Port 0 is connected to cable modem and assigned the external IP, subnet, gateway, and DNS1 and DNS2 provided by the ISP.
Port 1 is connected to the wireless router(temporarily).
From the server, I have the Local NIC connection going to the same router.
The server is passing out DHCP.

I used to have NIC 1 on the server configured with the ISP info and NIC 2 (Local) configured with a static internal IP.  The internal NIC was connected to a router and then other connections for the network came off the router as well.  The server was still passing out DHCP and everything was fine.

I configured the ASA for point-to-point VPN and pass-through VPN and I'm thinking this is where by problem lies.  I can provide configuriation information if that helps.
Sr. Systems Engineer
Top Expert 2008
A current configuration would certainly help.
Just to clarify:

global (outside) 1 interface
nat (inside) 1 0 0

Has no relation to the physical interface. This is what it means:
global nat for traffic going out the interface named "outside" assigns pool number 1 which is the actual interface IP address with keyword "interface"
nat traffic originating on interface named "inside" and use pool #1 (match the global). The 0 0 is shorthand for or "any" traffic originating inside.