Step 15 - Address Translation (Nat/Pat) - Cisco ASA 5505 Configuration Manual
Asa 5500 series
Hide thumbs
Also See for ASA 5505:
- Getting started manual (168 pages) ,
- Administrator's manual (118 pages) ,
- Hardware installation manual (82 pages)
Table of Contents
Advertisement
Startup Wizard Screens for the ASA 5505 Adaptive Security Appliance
b.
c.
d.
e.
f.
g.
h.
i.
Click Next to continue.
Step 4
For more information, see the
Step 15 - Address Translation (NAT/PAT)
PAT lets you set up a single IP address for use as the global address. In addition, you can set multiple
outbound sessions to appear as if they originate from a single IP address. PAT lets up to 65,535 hosts
start connections through a single outside IP address.
If you decide to use NAT, enter an address range to use for translating all addresses on the inside interface
to addresses on the outside interface. The global addresses in the pool provide an IP address for each
outbound connection, and for those inbound connections resulting from outbound connections.
When you use PAT, be aware of the following:
•
•
•
•
•
To enable NAT and share several external IP addresses on the inside VLAN to be used for translation,
Step 1
click the Use Network Address Translation (NAT) radio button, then do the following:
a.
b.
c.
To enable PAT, click the Use Port Address Translation (PAT) radio button. If you select this option,
Step 2
choose one of the following:
Cisco ASA 5500 Series Configuration Guide using ASDM
7-12
Enter the IP address of the DNS server.
Enter the IP address of the WINS server.
Enter the IP address of the alternate DNS server.
Enter the IP address of the alternate WINS server.
Enter the amount of time (in seconds) that the client can use its allocated IP address before the lease
expires. The default value is 3600 seconds (1 hour).
Enter the parameters for the ping timeout value in milliseconds.
Enter the domain name of the DNS server to use DNS.
To enable DHCP auto-configuration and choose the interface from the drop-down list, check the
Enable auto-configuration from interface check box. The values you specify in the previous areas
of this screen take precedence over the auto-configured values.
PAT does not work with caching name servers.
You may need to enable the corresponding inspection engine to pass multimedia application
protocols through the adaptive security appliance.
PAT does not work with the established command.
With passive FTP, use the inspect protocol ftp strict command with the access-list command to
allow outbound FTP traffic.
A DNS server on a higher level security interface cannot use PAT.
Enter the first IP address in a range of IP addresses to be used for translation.
Enter the last IP address in a range of IP addresses to be used for translation.
(Optional) Enter the subnet mask for the range of IP addresses to be used for translation.
Chapter 10, "Configuring DHCP."
Chapter 7
Using the Startup Wizard
OL-20339-01
- Quick Links:
- Starting Asdm
- Downloading the Asdm Launcher
Hide quick links:
Advertisement
Chapters
Table of Contents
