https://community.cisco.com/t5/network-security/help-with-8-4-natting/m-p/1741946#M494785 <P>Hi All,</P><P></P><P>I worked on ASAs previoulsy, many version ago.&nbsp; This new 8.4 IOS is kind of throwing me for a loop.&nbsp; Also I have been out of firewalling for some time and trying to get back into the swing of things.&nbsp; So anyway, basically I am just trying to publish OWA on a specific ip address.&nbsp; this is what I have right now as my nat</P><P></P><P>nat (outside,inside) source dynamic any &lt;real IP&gt; destination static OWA_Server OWA_Server service https https</P><P></P><P>This is a new box with no real world network behind it, so I cannot test but when I do a packet trace I see:</P><P></P><P>Dynamic translate &lt;real random IP&gt;/4444 to &lt;real IP&gt;/27953</P><P></P><P>What concerns me in the translation is the port numbers.....am I looking at the wrong thing? or am I just doing this completely wrong?</P><P></P><P></P><P>TIA,</P><P></P><P></P><P>R</P> Mon, 11 Mar 2019 21:42:39 GMT rhltechie 2019-03-11T21:42:39Z https://community.cisco.com/t5/network-security/help-with-8-4-natting/m-p/1741946#M494785 <P>Hi All,</P><P></P><P>I worked on ASAs previoulsy, many version ago.&nbsp; This new 8.4 IOS is kind of throwing me for a loop.&nbsp; Also I have been out of firewalling for some time and trying to get back into the swing of things.&nbsp; So anyway, basically I am just trying to publish OWA on a specific ip address.&nbsp; this is what I have right now as my nat</P><P></P><P>nat (outside,inside) source dynamic any &lt;real IP&gt; destination static OWA_Server OWA_Server service https https</P><P></P><P>This is a new box with no real world network behind it, so I cannot test but when I do a packet trace I see:</P><P></P><P>Dynamic translate &lt;real random IP&gt;/4444 to &lt;real IP&gt;/27953</P><P></P><P>What concerns me in the translation is the port numbers.....am I looking at the wrong thing? or am I just doing this completely wrong?</P><P></P><P></P><P>TIA,</P><P></P><P></P><P>R</P> Mon, 11 Mar 2019 21:42:39 GMT https://community.cisco.com/t5/network-security/help-with-8-4-natting/m-p/1741946#M494785 rhltechie 2019-03-11T21:42:39Z https://community.cisco.com/t5/network-security/help-with-8-4-natting/m-p/1741947#M494786 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>look at this:</P><P></P><P><A href="http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/nat_objects.html#wp1106703">http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/nat_objects.html#wp1106703</A></P><P></P><P></P><P>Regards.</P><P></P><P>Alain.</P></BODY></HTML> Wed, 26 Oct 2011 17:47:49 GMT https://community.cisco.com/t5/network-security/help-with-8-4-natting/m-p/1741947#M494786 cadet alain 2011-10-26T17:47:49Z https://community.cisco.com/t5/network-security/help-with-8-4-natting/m-p/1741948#M494787 <HTML><HEAD></HEAD><BODY><P>Hi R,</P><P></P><P>What i undesrtand is that you are trying to publish your OWA server to the outside world on port 443. The nat that you have is not actually corrcect, let me explain :</P><P></P><P>Lets say the public ip of OWA server is 1.1.1.1</P><P>and private ip is 10.1.1.1</P><P></P><P>then;</P><P></P><P>object network OWA_public</P><P> host 1.1.1.1</P><P></P><P>object network OWA_real</P><P> host 10.1.1.1</P><P></P><P>object service tcp_https</P><P>&nbsp; service tcp destination eq 443</P><P></P><P></P><P>nat (outside,inside) source static any any destination static OWA_public OWA_real service tcp_https tcp_https</P><P></P><P>Let me know if you have any questions regarding the above</P><P></P><P>Thanks,</P><P>Varun</P></BODY></HTML> Wed, 26 Oct 2011 19:19:23 GMT https://community.cisco.com/t5/network-security/help-with-8-4-natting/m-p/1741948#M494787 varrao 2011-10-26T19:19:23Z https://community.cisco.com/t5/network-security/help-with-8-4-natting/m-p/1741949#M494788 <HTML><HEAD></HEAD><BODY><P>I see now I should be using a static nat but the usage is still a little confusing to me.</P><P></P><P>when I enter the above and then do a packet trace on it I see the following:</P><P></P><P></P><P>static translate <RANDOM ip="">/4576 to <SAME random="" ip="">/4576</SAME></RANDOM></P><P></P><P>which doesnt seem to make sense as to what i am after.&nbsp; am i looking at the packet tracer wrong?</P><P></P><P>thanks for your help.</P></BODY></HTML> Wed, 26 Oct 2011 19:56:47 GMT https://community.cisco.com/t5/network-security/help-with-8-4-natting/m-p/1741949#M494788 rhltechie 2011-10-26T19:56:47Z