Task
● Configure R1 ip is 192.168.1.1/24 and R2 ip 101.1.1.1/24
● Create 3 loopbacks on R1
àL1 ip is 192.168.101.1
àL2 ip is 192.168.102.1
● Configure ASA1 on e0 ip 192.168.1.10 nameif inside security level 100 and on e1 ip 101.1.1.10 nameif outside with security level of 0
● Rung EIGRP between ASA1 and R1
● Configure Section 1 nat on ASA1 so that any inside user is ampped ith pool of public ip address (101.1.1.11,101.1.1.12.101.1.1.13)
● Run fixup protocol icmp to inspect icmp traffic
● Ping R1 to R2
● Verify run “debug ip icmp” on R1 and R2
Explanation
In Nat section 1 NAT order is not mentioned by ASA, Admin needs to maintain the NAT order manually using sequence number. We run NAT statement in “global” mode. Conditional NAT is supported with “destination” keyword. In this we have to create two objects one from real-ip and another for Mapped-ip. Then we will run the NAT command
Configuration
On R1
On ASA1
On R2
On SW1
NAT on ASA
Result
Debug on R2
