We have been implementing Nat ( Network Address Translation) on ASA 8.2 and older version since so long.  But now the as the version 8. 3,8.4 and new version has been upgraded Cisco has implemented the newer and simple configuration to implement Nat.

The 8.3 and newer version doesn’t support Nat-control, Nat (inside), Static (inside,outside) and global Command. In newer version the way of implement Nat is totally different. And there is there way to implement Nat in ASA version 8.3 and newer.

There are three way you can implement Nat in ASA 8.3 version

• Manual Nat Configuration (Section 1)
• Auto Nat Configuration (Section 2)
• Manual Nat (After Auto Nat) – (Section 3)

So today we will learn how to implement the Auto Nat configuration in the ASA 8.3 , 8.4 and all new version. So let’s jump in

In order to implement the Auto Nat we create the object group in which we define hosts, subnet or range of network and we call the Nat inside the object. Here is the simple configuration you can check Two Object has been Created Translated and Local. Translated object signify the translated Ip address and Local object signify the Network or host to be translated. Access-lists are defined to permit the icmp traffic.

Here is the configuration

ASA Version 8.4(2)

!
hostname ASA
!
interface GigabitEthernet0
nameif outside
security-level 0
ip address 1.1.1.1 255.255.255.0
!
interface GigabitEthernet1
nameif inside
security-level 100
ip address 192.168.146.10 255.255.255.0
!
interface GigabitEthernet2
nameif dmz
security-level 50
ip address 11.11.11.1 255.255.255.0

!

object network translated
range 1.1.1.5 1.1.1.10

!

object network local
nat (inside,any) dynamic translated

access-list icmp_traffic extended permit icmp any host 192.168.146.100

access-group icmp_traffic in interface outside
access-group icmp_traffic in interface dmz

!