Now that the ASA knows how to forward to the Internet and the DHCP clients on the inside know to use the ASA as their default gateway, we have a problem with the IP addresses the clients are using on the inside: They are all using private IP address space. Those packets will not be allowed on the Internet. Have no fear, because we know that the ASA can do Network/Port Address Translation (NAT/PAT). To implement this, navigate to Configuration > Firewall > NAT Rules and click Add (see Figure 16-13).


Figure 16-13 Adding NAT Rules

In the top half of the dialog box, you specify the source traffic (where the traffic will be coming from). ...

Get Santos:CCNA Sec 210-260 OCG now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.