Skip to main content

Cisco Notes

Static NAT

192.168.1.100 = (Private IP) /// 192.166.1.101 = (Public)

access-list inbound permit tcp any host 192.168.1.100
access-group inbound in interface outside 
object network obj-192.168.1.100 
host 192.168.1.100 
nat (inside,outside) static 192.166.1.101

Object Groups ASA

object-group service http-protocols tcp
port-object eq 80
port-object eq 443
object-group network webservers
network-object host 192.168.1.101
network-object host 192.168.1.102
network-object host 192.168.1.103
access-list OUTSIDE-IN extended permit tcp any object-group webservers object-group http-protocols
access-group OUTSIDE-IN in interface outside

packet-tracer

packet-tracer input inside icmp 192.168.1.100 8 0 8.8.8.8
packet-tracer input outside tcp 8.8.8.8 53 192.168.1.100 80

 

 

Back to top