You are a network security engineer for the Secure-X network. You have been tasked with implementing dynamic network object NAT with PAT on a Cisco ASA.
You must configure the Cisco ASA such that the source IP addresses of all internal hosts are translated to a single IP address (using different ports) when the internal hosts access the Internet.
To successfully complete this activity, you must perform the following tasks:
✑ Use the Cisco ASDM GUI on the Admin PC to configure dynamic network object NAT with PAT using the following parameters:
✑ Network object name: Internal-Networks
✑ IP subnet: 10.10.0.0/16
✑ Translated IP address: 192.0.2.100
✑ Source interface: inside
✑ Destination interface: outside
NOTE: The object (TRANSLATED-INSIDE-HOSTS) for this translated IP address has already been created for your use in this activity.
NOTE: Not all ASDM screens are active for this exercise.
NOTE: Login credentials are not needed for this simulation.
✑ In the Cisco ASDM, display and view the auto-generated NAT rule.
✑ From the Employee PC, generate traffic to SP-SRV by opening a browser and navigating to http://sp-srv.sp.public.
✑ From the Guest PC, generate traffic to SP-SRV by opening a browser and navigating to http://sp-srv.sp.public.
✑ At the CLI of the Cisco ASA, display your NAT configuration. You should see the configured policy and statistics for translated packets.
✑ At the CLI of the Cisco ASA, display the translation table. You should see dynamic translations for the Employee PC and the Guest PC. Both inside IP addresses translate to the same IP address, but using different ports.
You have completed this exercise when you have configured and successfully tested dynamic network object NAT with PAT.
- Simulation You 1 (153.88 KiB) Viewed 54 times
- Simulation You 2 (86.41 KiB) Viewed 54 times
- Simulation You 3 (73.94 KiB) Viewed 54 times
- Simulation You 4 (73.32 KiB) Viewed 54 times