Have you ever needed to add a new remote site to your network and add it to your ASA with 8.3 or higher code? I mean, you already have the ASA setup and doing what you want it to do. You just need to add the new site for Internet access. Here is what you do.
The ASA needs to know about the new remote site. 192.168.7.0/24 is the new network.
object network obj-192.168.7.0
subnet 192.168.7.0 255.255.255.0
You have to have a route pointing back to the internal core switch (10.10.1.1) to get to the new remote site.
route inside 192.168.7.0 255.255.255.0 10.10.1.1
This was already in the config and no change needed, since it encompasses all internal networks.
object network obj_any
nat (inside,outside) dynamic interface
Or, you could say this for the NAT translation:
object network obj-192.168.7.0
nat (inside,outside) dynamic interface
This is the White Rhino Security blog, an IT technical blog about configs and topics related to the Network and Security Engineer working with Cisco, Brocade, Check Point, and Palo Alto and Sonicwall. I hope this blog serves you well. -- May The Lord bless you and keep you. May He shine His face upon you, and bring you peace.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Your comment will be reviewed for approval. Thank you for submitting your comments.