Solved

ASA 8.0 Nnat and no nat issues

Posted on 2014-09-24
3
32 Views
Last Modified: 2015-08-25
Hi All,

Struggling a bit with an old ASA 5510 running ASA v8.0.  

This is a production box with previous confg on it. I have just added a 'guest wifi' segment to a spare port. This is to provide internet access only to people on the WiFi lan.  But, I also want to be able to manage the access point (HTTPS) from my 'inside' lan. Currently the inside lan can access the internet too. Both segments are correctly natting to the public address on my outside interface.

What config do I need to perform to allow hosts connected to 'inside' to reach the access point on 'GuestWiFi' but WITHOUT nat? I want the real ip address of the host to be logged by the AP.

I am struggling with the nat statements!

Remember, this is an old (pre v8.3) box.
Cheers
0
Comment
Question by:Tommy_Cooper
  • 2
3 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 40347609
Nat (inside,wifi) 0 <inside ip subnt> <mask>

Substitute your guest wifi interface name for wifi
0
 
LVL 3

Accepted Solution

by:
Tommy_Cooper earned 0 total points
ID: 40380326
A bit shocked at the lack of response here. EE was once a great resource. Not sure what happened!

So this response was sadly wrong.  The syntax is incorrect and the nameif inside the brackets is a single entry with no possibility of accepting multiple values. As it happens, my solution was to just add an extended ACL from my internal subnet to the AP host using the previously existing ACL for NAT 0

Thanks for the attempt though lrmoore :)
0
 
LVL 3

Author Closing Comment

by:Tommy_Cooper
ID: 40945630
Wrong answer!
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Access List 4 40
Help with ASA config smtp traffic 10 39
switch design question 6 35
Cisco Maximum Prefixes Allowed for Customer 5 21
Cisco Pix/ASA hairpinning The term, hairpinning, comes from the fact that the traffic comes from one source into a router or similar device, makes a U-turn, and goes back the same way it came. Visualize this and you will see something that looks …
Overview The Cisco PIX 501, PIX 506e, ASA 5505 and ASA 5510 (most if not all of this information will be relevant to the PIX 515e but I do not have a working configuration handy to verify the validity) are primarily used within small to medium busi…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question