• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 236
  • Last Modified:

Help with a Nat rule in ASA Software Version 8.2

So i need to add this NAT rule in one of our new ASA devices

I successfully added it on one side but its running a older version of the firmware

nat (Inside,Outside) source static SHF-BRKLYN-LAN_LOCAL SHF-BRKLYN-LAN_LOCAL destination static SHF-NY-LAN_LOCAL SHF-NY-LAN_LOCAL

Open in new window

0
Rat Zulu
Asked:
Rat Zulu
  • 2
  • 2
1 Solution
 
LeoCommented:
so you need assistance in NAT rule or upgrading the firmware?
0
 
Rat ZuluAuthor Commented:
Both Actually

I want to upgrade the firmware but i prefer to do it in the weekend

How can i setup a nat like this in 8.2?

Thanks in advance
0
 
LeoCommented:
There have been few changes in how NAT commands are defined in ASA NAT 8.3+ have a look at this document.
https://supportforums.cisco.com/document/132066/asa-nat-83-nat-operation-and-configuration-format-cli 

For your upgrade you need to upgrade from 8.2 to 8.4 and then to 9.1, cli commands for upgrade are listed here...
http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/upgrade/upgrade91.html
0
 
Ken BooneNetwork ConsultantCommented:
I am assuming that this rule pertains to a VPN tunnel.

If it does, this is done much differently in 8.2 code.   In 8.2 code you would create a no nat rule that would include an ACL like this:

access-list NO-NAT extended permit ip x.x.x.0 255.255.255.0 y.y.y.0 255.255.255.0

x.x.x.0 = SHF-BRKLYN-LAN_LOCAL
y.y.y.0 = SHF-NY-LAN_LOCAL

then you need to apply it to what is referred to as a NAT 0 statement:

nat (inside) 0 access-list NO-NAT

So what this does is says that when traffic comes in from the inside interface - if it matches the ACL NO-NAT then do not perform a NAT operation when the packet is routed to another interface.

Hope that helps.
0
 
Rat ZuluAuthor Commented:
Ken Boone CCIE #4649

Yes for a L2L

Thanks brother, appreciate it
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now