Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
633
Views
5
Helpful
2
Replies

Any Workaround for not being able to have an FQDN as a NAT Destination

scottwilliamson
Level 2
Level 2

‎09-01-2017 02:28 AM - edited ‎02-21-2020 06:15 AM

Hi,

 

I am required to add a rule that will allow any device to be able to browse to an FQDN and have a specific outside address for that traffic. As is know you cannot have an FQDN in the NAT destination field. Are there any workarounds for this?

 

Many Thanks

Scott

Labels:
0 Helpful
2 Replies 2

scottwilliamson
Level 2
Level 2

‎09-01-2017 02:33 AM

I should also say this is on an ASA 5545-X running version 9.7(1)
0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to scottwilliamson

‎09-01-2017 05:33 AM

Is the destination FQDN always the same IP address or is it something delivered over a CDN or such that makes it variable? In the former case it's a common use case.

Also, if you have a Firepower service module this is done easily there using a URL Filter rule. WSA or other web proxies also do it quite well.

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card