asa and auto nat…

it’s all over the internet but here is my rendition…

[image: asa_nat_gns3]

the topology is not pretty but you get the idea… the host is actually a cloud to the win 7 box…

these were the iterations focusing only on nat:

route inside 192.168.1.0 255.255.255.0 10.1.1.2 1

ciscoasa# sh run int g0
!
interface GigabitEthernet0
 nameif inside
 security-level 100
 ip address 10.1.1.1 255.255.255.0

ciscoasa# sh run int g1
!
interface GigabitEthernet1
 nameif outside
 security-level 0
 ip address 200.1.1.1 255.255.255.0

ciscoasa# sh run nat
!
object network inside-net
 nat (inside,outside) dynamic interface

ciscoasa# sh nat

Auto NAT Policies (Section 2)
1 (inside) to (outside) source dynamic inside-net interface
    translate_hits = 1, untranslate_hits = 0

ciscoasa# sh run object
object network inside-net
 subnet 192.168.1.0 255.255.255.0

and the moment of truth:

ciscoasa# sh xlate
1 in use, 4 most used
Flags: D - DNS, i - dynamic, r - portmap, s - static, I - identity, T - twice
TCP PAT from inside:192.168.1.2/49742 to outside:200.1.1.1/7427 flags ri idle 0:00:26 timeout 0:00:30

this is the host going through r1 and the asa to the isp…
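
an added example, not part of the original lab: a small python check that parses `sh xlate` PAT lines and confirms each one matches the auto nat rule above (real address inside 192.168.1.0/24, mapped to the outside interface 200.1.1.1, dynamic portmap flags). the function names and the second sample line are made up for illustration.

```python
import ipaddress
import re

# Flag letters as listed in the "Flags:" legend of the sh xlate output above.
FLAGS = {"D": "DNS", "i": "dynamic", "r": "portmap", "s": "static",
         "I": "identity", "T": "twice"}

# Matches PAT entries such as:
# TCP PAT from inside:192.168.1.2/49742 to outside:200.1.1.1/7427 flags ri idle ...
XLATE_RE = re.compile(
    r"^(?P<proto>TCP|UDP|ICMP) PAT from (?P<real_if>\S+?):(?P<real_ip>[\d.]+)/(?P<real_port>\d+)"
    r" to (?P<map_if>\S+?):(?P<map_ip>[\d.]+)/(?P<map_port>\d+)"
    r" flags (?P<flags>\w+)")


def parse_xlate(output):
    """Return one dict per PAT entry found in 'show xlate' text."""
    entries = []
    for line in output.splitlines():
        m = XLATE_RE.match(line.strip())
        if m:
            e = m.groupdict()
            e["flag_names"] = [FLAGS.get(f, "?") for f in e["flags"]]
            entries.append(e)
    return entries


def check_entry(e, real_net, mapped_ip):
    """List the ways an entry deviates from the intended auto NAT rule."""
    problems = []
    if ipaddress.ip_address(e["real_ip"]) not in ipaddress.ip_network(real_net):
        problems.append(f"real address {e['real_ip']} is outside {real_net}")
    if e["map_ip"] != mapped_ip:
        problems.append(f"mapped to {e['map_ip']}, expected {mapped_ip}")
    if not {"r", "i"} <= set(e["flags"]):
        problems.append(f"flags '{e['flags']}' are not dynamic portmap")
    return problems


# Line 1 is from the output above; line 2 is constructed to show a failing case.
SAMPLE = """\
TCP PAT from inside:192.168.1.2/49742 to outside:200.1.1.1/7427 flags ri idle 0:00:26 timeout 0:00:30
TCP PAT from inside:172.16.5.9/50111 to outside:200.1.1.1/2201 flags ri idle 0:00:03 timeout 0:00:30
"""

if __name__ == "__main__":
    for entry in parse_xlate(SAMPLE):
        issues = check_entry(entry, "192.168.1.0/24", "200.1.1.1")
        print(entry["real_ip"], "->", entry["map_ip"], issues or "OK")
```

an entry that reports a real address outside the object's subnet means some other nat rule (or a wider object) is translating traffic you did not intend to expose through the outside interface.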

[image: asa_nat]

i’ve seen this guy, jay johnston on cln… this guy is sharp… he has a great video tutorial here… outstanding…

https://supportforums.cisco.com/docs/DOC-12324

i had asdm up and running but i preferred doing it from the cli…