cisco asa overload a static map?

We need to migrate to a new net block and I figured the easiest way would be to map an additional address to an existing internal. But the ASA won't let me do that.

Any way to work around this?

The only other way I could think to do this would be to assign an additional private address to the internal server and create a new static map to the new address.

Thanks.

Can you please elaborate on your problem description .

Thanks
Patiot

Sure, Let's see if I can explain it adequately.

Our ASA is configured to NAT certain public addresses 1.1.1.0/24 to certain private addresses 192.168.1.0/24. e.g.. 1.1.1.10 is static natted to 192.168.1.10. They are all listed in individual static nat statements.

Now we want to migrate to a new public address block 2.2.2.0/24. When I enter the command to nat 2.2.2.10 to 192.168.1.10 it says its already in use, can't do that. (staying with above example).

That's the rub. I'd like to use the new address simultaneously with the old address but the ASA won't let me do that.

Any suggestions to work around this limitation?

Thanks.

Hello ,

It cannot be done , you will not be able to map two addresses to one address in case of static NAT .

You will have to remove the existing nat statement and include the new one .

Thanks
Patiot

The only other way I could think to do this would be to assign an additional private address to the internal server and create a new static map to the new address.

Thats a very valid option too. I've seen Windows handle multiple IPs on the same NIC very well. Linux should do it as well.

Alternatively, If you have a spare ASA or PIX, you could create a static map from the old 1.1.1.x to 2.2.2.x and connect the inside of that to the outside of the original ASA. And only keep one map from 2.2.2.x to 192.168.1.x on your original ASA. Just an idea that popped, I could be wrong here.