Cisco ASA 5505 User Manual

Page 589

Advertising
background image

30-7

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 30 Configuring Network Object NAT

Configuring Network Object NAT

Detailed Steps

Command

Purpose

Step 1

(Optional)

Network object:

object network

obj_name

{host ip_address | range ip_address_1

ip_address_2}

Network object group:

object-group network

grp_name

{network-object {object net_obj_name |

host

ip_address} |

group-object

grp_obj_name}

Example:

hostname(config)# object network PAT_POOL1

hostname(config-network-object)# range

10.5.1.80 10.7.1.80

hostname(config)# object network PAT_POOL2

hostname(config-network-object)# range

10.9.1.1 10.10.1.1

hostname(config)# object network PAT_IP

hostname(config-network-object)# host

10.5.1.79

hostname(config-network-object)#

object-group network PAT_POOLS

hostname(config-network)# network-object

object PAT_POOL1

hostname(config-network)# network-object

object PAT_POOL2

hostname(config-network)# network-object

object PAT_IP

Specify the mapped address(es) (that you want to translate to).
You can configure a single address or, for a PAT pool, multiple
addresses. Configure a network object or network object group. A
network object group can contain objects and/or inline addresses.
Alternatively, you can skip this step if you want to enter a single
IP address as an inline value for the nat command or if you want
to use the interface address by specifying the interface keyword.

For mapped addresses used as a PAT pool, all addresses in the
object or group, including ranges, are used as PAT addresses.

Note

The object or group cannot contain a subnet.

See the

“Guidelines and Limitations” section on page 30-2

for

information about disallowed mapped IP addresses.

For more information about configuring a network object or
group, see the

“Configuring Objects” section on page 13-3

.

Step 2

object network

obj_name

Example:

hostname(config)# object network

my-host-obj1

Configures a network object for which you want to configure
NAT, or enters object network configuration mode for an existing
network object.

Step 3

{host ip_address | subnet subnet_address

netmask | range ip_address_1 ip_address_2}

Example:

hostname(config-network-object)# range

10.1.1.1 10.1.1.90

If you are creating a new network object, defines the real IP
address(es) that you want to translate.

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals