Enable Users on the Inside Network to Access the Internet Using the Outside Interface's Public IP Address
Use Case
Allow users and computers in your private network to connect to the internet by sharing the public address of your outside interface.
Strategy
Create a port address translation (PAT) rule that allows all the users on your private network to share the outside interface public IP address of your device.
After the private address is mapped to the public address and port number, the device records that mapping. When incoming traffic bound for that public IP address and port is received, the device sends it back to the private IP address that requested it.
Procedure
Step 1 | In the left pane, click . |
Step 2 | Click the Devices tab to locate the device or the Templates tab to locate the model device. |
Step 3 | Click the appropriate device type tab. |
Step 4 | Select the device you want to create the NAT rule for. |
Step 5 | Click NAT in the Management pane at the right. |
Step 6 | Click Network Object NAT. |
Step 7 | In section 1, Type, select Dynamic. Click Continue. |
Step 8 | In section 2, Interfaces, choose any for the source interface and outside for the destination interface. Click Continue. |
Step 9 | In section 3, Packets, perform these actions :
|
Step 10 | For an FDM-managed device, in section 5, Name, enter a name for the NAT rule. |
Step 11 | Click Save. |
Step 12 | Review and deploy now the changes you made, or wait and deploy multiple changes at once. |
Here are the entries that are created and appear in an ASA's saved configuration file as a result of this procedure.
Note | This does not apply to FDM-managed devices. |
Objects created by this procedure:
object network any_network
subnet 0.0.0.0 0.0.0.0
NAT rules created by this procedure:
object network any_network
nat (any,outside) dynamic interface