?
Solved

Configure Cisco Firewall for NAT

Posted on 2012-03-22
3
Medium Priority
?
333 Views
Last Modified: 2012-03-27
Hello Everyone,
I know this is a very open question with many possibilities, especially since you will not be familiar with our network.

We have an MPLS through a vendor and they have a firewall that we manage. I have not used an ASA (i think thats what they call it) firewall before. I have watchguard firewalls in our offices that we have been using for a long time. The vendor set the firewall up for us since we have a few offices and I found out where to allow outgoing ports, but im not sure how i would set up a NAT from one of the public IPs they gave us to an internal server.

I see the options for Access Rules and NAT Rules, but im not sure which one is the way to go. Any guidance, even if its a very basic overview to get me started, would be great.

The only version numbers i see are when i log in to the device. It says: Cisco ASDM 6.2f for FWSM.
0
Comment
Question by:msidnam
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 10

Accepted Solution

by:
Larry Larmeu earned 1000 total points
ID: 37752450
0
 
LVL 10

Assisted Solution

by:pclinuxguru
pclinuxguru earned 1000 total points
ID: 37752496
Won't be perfect because like you said their may be differences in your network.

In ASDM -> Configuration -> Firewall -> NAT Rules

Click the little down arrow for add and select Add network Object

Name is whatever you want to call it. If its an exchange server an appropriate name would be mail or exchange... whatever makes it easy for you.

Type: Host
Ip Address: The Inside address of the server.
Translated addres would be the external IP.

After you get the server natted you would go into access rules and permit/deny what you need to to the server. However the rules go in order of how they are entered.

So you would allow the traffic for the specific ports first then a deny all rule after.
0
 
LVL 2

Author Closing Comment

by:msidnam
ID: 37770881
Thank you both. I had to use info from both of your comments.
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

From Cisco ASA version 8.3, the Network Address Translation (NAT) configuration has been completely redesigned and it may be helpful to have the syntax configuration for both at a glance. You may as well want to read official Cisco published AS…
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question