We're moving from PIX's to ASA5550's. We did a lot of external IP address sharing among several internal networks like this:
OLD: global (outside) 100 12.34.56.78 nat (inside) 100 10.99.0.0 255.255.255.0 0 0 nat (inside) 100 10.55.0.0 255.255.0.0 0 0 We have hundreds of internal networks that need to be NAT'ed to a limited set of outside IP addresses (/24). On the ASA5550 however: NEW: object network alpha-dynamic-nat subnet 10.99.0.0 255.255.255.0 nat (inside,outside) dynamic 12.34.56.78 object network beta-dynamic-nat subnet 10.55.0.0 255.255.0.0 nat (inside,outside) dynamic 12.34.56.78 WARNING: Pool (12.34.56.78) overlap with existing pool. Is it still okay to have multiple internet networks NAT'ed and sharing an external IP address? _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/