Cisco Cisco ASA 5585-X Adaptive Security Appliance 技术手册
Configure
Network Diagram
The IP addressing schemes used in this configuration are not legally routable on the Internet.
They are RFC 1918 addresses which have been used in a lab environment.
They are RFC 1918 addresses which have been used in a lab environment.
Allow Inside Hosts Access to Outside Networks with PAT
If you want inside hosts to share a single public address for translation, use Port Address
Translation (PAT). One of the simplest PAT configurations involves the translation of all internal
hosts to look like the outside interface IP address. This is the typical PAT configuration that is used
when the number of routable IP addresses available from the ISP is limited to only a few, or
perhaps just one.
Translation (PAT). One of the simplest PAT configurations involves the translation of all internal
hosts to look like the outside interface IP address. This is the typical PAT configuration that is used
when the number of routable IP addresses available from the ISP is limited to only a few, or
perhaps just one.
Complete these steps in order to allow inside hosts access to outside networks with PAT:
Choose Configuration > Firewall > NAT Rules. Click Add and then choose Network
Object in order to configure a dynamic NAT rule.
Object in order to configure a dynamic NAT rule.
1.
Configure the network/Host/Range for which Dynamic PAT is required. In this example, one
of the inside subnets has been selected. This process can be repeated for other subnets you
wish to translate in this manner.
of the inside subnets has been selected. This process can be repeated for other subnets you
wish to translate in this manner.
2.