Cisco ASA 5510 configuration help

[Danne84]

Hi!

I'm trying to configure NAT on my ASA5510 but i have never worked with Cisco before.
The interfaces is up, WAN,LAN.

What do i have to configure for the NAT to work?
I have DHCP from my ISP.

Also is the 5510 worth the effort? It has some years on it by now.
I have a Plus license on it.

And i have upgraded the memory and CPU. Running latest ASA, ASDM on it.

 

[mayhem87]

just create a object for your inside network and then in that object after you specify the range or subnet do a nat statement.

ie:

ciscoasa(config)# object network my-inside-net
ciscoasa(config-network-object)# subnet 192.168.2.0 255.255.255.0
ciscoasa(config-network-object)# nat (inside,outside) dynamic interface

 

[Danne84]

When i enter "nat (inside,outside) dynamic interface"
i get this error: ERROR: % Invalid input detected at '^' marker.

 

[mayhem87]

what are your interface names? That was just an example. if your interface names differ from inside for local subnet and outside for internet facing interface then you will have to put in the names appropriately. also while typing out the command "?" is your friend. If you get stuck you delete up to the carrot to see what went wrong and then "?"

 

[tangoseal]

Boy I hate the ASA. IOS Zone Firewall is leaps and boumds easier to use and just makes sense.

I recommend ASDM and use the wizards if your new to the product and lack CLI understanding.

 

[rma]

Boy I hate the ASA. IOS Zone Firewall is leaps and boumds easier to use and just makes sense.

I recommend ASDM and use the wizards if your new to the product and lack CLI understanding.

+1 for using the ASDM, this would help you more than trying to get the CLI to work, after this go study some cisco ios

 

[Danne84]

what are your interface names? That was just an example. if your interface names differ from inside for local subnet and outside for internet facing interface then you will have to put in the names appropriately. also while typing out the command "?" is your friend. If you get stuck you delete up to the carrot to see what went wrong and then "?"

My interface name is:

inside: LAN (192.168.200.0)
outside: WAN

 

[mayhem87]

so then your input should be

object network my-inside-net
subnet 192.168.200.0 255.255.255.0
nat (LAN,WAN) dynamic interface

If that doesn't work then please tell us what version of code you are running by doing a "show ver"

Is the DHCP working correctly on your WAN? Are you able to get out to the internet on it?

ASA CLI isn't that bad but I have been working on for some time now. I never really use ASDM except on rare occasions when I am doing special stuff with anyconnect.

 

[Valnar]

Boy I hate the ASA. IOS Zone Firewall is leaps and boumds easier to use and just makes sense.

I recommend ASDM and use the wizards if your new to the product and lack CLI understanding.

Not as easy as CBAC, and ZBW (along with the new NVI NAT in IOS) is also slower. I don't know what Cisco was smokin there.

 

[alkocelj]

Here you have ste-by-step CLI instructions:
http://www.firewall.cx/cisco-technical-knowledgebase/cisco-firewalls/964-cisco-asa5500-startup.html

 

[Jzegers24]

what version of code?