Start Free TrialLog in
Avatar of SvenIA
SvenIAFlag for Netherlands

asked on 

Cisco ASA5520 understanding NAT rules

Hi Experts,

I have some questions about NAT rules. I have a running config of an ASA5520 with some NAT rules i'm trying to understand. I hope that someone can explain the following NAT rules to me.

First of all, in some rules I see the number 0, 1 or 2 comming back all the time. What does this number mean? And what does the global mean?

global (outside) 2 192.168.80.1-192.168.80.254 netmask 255.255.255.0
global (outside) 1 interface
nat (inside) 0 access-list NONAT

Second I see some access-group commands in front of an access list. What does this mean?

access-group OUTSIDE_ACCESS_IN in interface outside
access-group INSIDE_ACCESS_IN in interface inside

Thanks in advance!
Cisco
Avatar of undefined
Last Comment
SvenIA
SOLUTION
Avatar of sb1mpo
sb1mpo
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of SvenIA
SvenIA
Flag of Netherlands image

ASKER

Yeah that does help. So if I understand it well, several nat rules with number 1 belong together? Like,

nat (inside) 1 S011 255.255.255.255
nat (inside) 1 S014 255.255.255.255
nat (inside) 1 C001 255.255.255.255
nat (inside) 1 DC1-WS03 255.255.255.255
nat (inside) 1 Server_data_lan 255.255.255.0
nat (inside) 1 132.147.192.0 255.255.192.0
nat (inside) 1 10.0.0.0 255.0.0.0
nat (ASA-ISA) 1 S013-outside 255.255.255.25
ASKER CERTIFIED SOLUTION
Avatar of hitsotntd
hitsotntd
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
SOLUTION
Avatar of hitsotntd
hitsotntd
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of SvenIA
SvenIA
Flag of Netherlands image

ASKER

You guys are the best! Very helpfull explinations, thank you very much!
Cisco
Cisco

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

27K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts

  • "Invaluable tool for our organization"

    Josh Regalski

  • "Your help has saved me hundreds of hours of internet surfing."

    @fblack61

  • "Just a dang good service!"

    @golferski

  • "Worth every penny."

    Steve Hougom

  • "It’s been a life saver."

    Maria Halt

  • "Best support site I’ve seen!"

    Bob Schneider

  • "I would be lost without them."

    @fblack61

  • "Saved my job multiple times."

    Walt Forbes

  • "I love this site."

    Maria Duwe

  • "Friendly respectful help."

    Andrew Kowtalo

  • "Such top-notch experts."

    @magento

  • "The best money I have ever spent."

    @rwheeler23

  • "Beyond any comprehensible value"

    George Morris

  • "Invaluable tool for our organization"

    Josh Regalski

Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo
© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent