Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

ASA 8.0 Nnat and no nat issues

Posted on 2014-09-24
3
35 Views
Last Modified: 2015-08-25
Hi All,

Struggling a bit with an old ASA 5510 running ASA v8.0.  

This is a production box with previous confg on it. I have just added a 'guest wifi' segment to a spare port. This is to provide internet access only to people on the WiFi lan.  But, I also want to be able to manage the access point (HTTPS) from my 'inside' lan. Currently the inside lan can access the internet too. Both segments are correctly natting to the public address on my outside interface.

What config do I need to perform to allow hosts connected to 'inside' to reach the access point on 'GuestWiFi' but WITHOUT nat? I want the real ip address of the host to be logged by the AP.

I am struggling with the nat statements!

Remember, this is an old (pre v8.3) box.
Cheers
0
Comment
Question by:Tommy_Cooper
  • 2
3 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 40347609
Nat (inside,wifi) 0 <inside ip subnt> <mask>

Substitute your guest wifi interface name for wifi
0
 
LVL 3

Accepted Solution

by:
Tommy_Cooper earned 0 total points
ID: 40380326
A bit shocked at the lack of response here. EE was once a great resource. Not sure what happened!

So this response was sadly wrong.  The syntax is incorrect and the nameif inside the brackets is a single entry with no possibility of accepting multiple values. As it happens, my solution was to just add an extended ACL from my internal subnet to the AP host using the previously existing ACL for NAT 0

Thanks for the attempt though lrmoore :)
0
 
LVL 3

Author Closing Comment

by:Tommy_Cooper
ID: 40945630
Wrong answer!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article assumes you have at least one Cisco ASA or PIX configured with working internet and a non-dynamic, public, address on the outside interface. If you need instructions on how to enable your device for internet, or basic configuration info…
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question