Posted on 2011-03-18
Last Modified: 2012-08-13
I know how to do a one for one static NAT on a cisco asa...But, how do I do a Nat Pool on a Cisco ASA for a /27 subnet?
Question by:cisco_pro30
  • 4
  • 3
LVL 35

Expert Comment

by:Ernie Beek
ID: 35166382
You mean from the in- to the outside or vice versa? You want outgoing traffic to be natted to multiple publics?
Could you elaborate?

Author Comment

ID: 35166411
I have a inside /27 subnet that I want natted to one ouside address.  so one public natted to mutiple private (inside addresses)
LVL 35

Accepted Solution

Ernie Beek earned 500 total points
ID: 35166546
Well, you can't NAT one public address to multiple private addresses. You can forward ports on a single public address to multiple private addresses though. If that's what you're looking for then use:
static (inside,outside) tcp outside_ip port_number inside_ip port_number netmask

So, for example forward WWW to one host and RDP to another:

static (inside,outside) tcp 80 80 netmask
static (inside,outside) tcp 3389 3389 netmask
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.


Author Comment

ID: 35166637
This was exactly what I was looking for...Thank you

Author Closing Comment

ID: 35166642
Perfect answer
LVL 35

Expert Comment

by:Ernie Beek
ID: 35166653
You're welcome. Don't forget to open the ports for the public address in the access-list as well :)
LVL 35

Expert Comment

by:Ernie Beek
ID: 35166660
Thx, for the points :)

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now