HowtoForge

Using Firewall Builder To Configure Cisco ASA & PIX - Page 3

Getting Started: Configuring Cisco ASA & PIX

Reminder - In this tutorial we are configuring a Cisco ASA 5505 firewall that has the following interface configuration.

 

Step 4: Configure NAT Rules

Now that we have configured the Access Lists, the next step is to configure the NAT rules. Here are the NAT rules that we need to create:

To open the NAT rules for editing, double-click on the "NAT" object located under the asa-1 firewall object in the tree. To add a new rule to the Policy, click on the green icon at the top left of the main window.

To create the first NAT rule, drag-and-drop the Internal Network object from the tree to the Original Src column of the NAT rule. Next, drag-and-drop the firewall object's outside interface (Ethernet0/0) to the Translated Src column of the rule.

That's it. You should now have a NAT rule that looks like:

Right-click on the NAT rule you just created and select Add New Rule Below. The next NAT rule should translate traffic coming from the external SMTP Relay server to the internal Email Server. Follow the steps below to create the NAT rule.

You should now have two NAT rules that look like:

In the next section we will go through the process of compiling and installing the Access List and NAT rules on the firewall.

Using Firewall Builder To Configure Cisco ASA & PIX - Page 3