Solved: ASA NAT

SathishkumarSaravanan0348 · ‎07-29-2019

Hi All,

What is the purpose of doing NAT for the object group towards inside,inside. The below is the sample configuration. Please explain on this.

nat (inside,inside) source static obj-10.242.69.0 obj-203.99.33.65 destination static Obj_202.89.3.8_32 Obj_202.89.3.8_32

Thanks.

Alan Ng'ethe · ‎08-04-2019

See this thread:

Nat Hairpin

Hello,

Hairpin NAT is totally supported on ASA with of course the same-security-traffic command. For e.g you would like all your internal USERS to acess an INTERNAL website with its EXTERNAL IP, then you can do a static (in,in) netmask 255.255.255.255.

In most cases, where you would like to do such kind of Hairpinning, you need to be mindful of the ASYMMETRIC ROUTING issues. But we have workarounds for them as well..

Thanks,

Vijaya

I would think its some kind of NAT to make an internal server with a public IP accessible to the 10.242.69.0 network

Remember to rate helpful posts and/or mark as a solution if your issue is resolved.

View solution in original post

Alan Ng'ethe · ‎08-04-2019

See this thread:

Nat Hairpin

Hello,

Hairpin NAT is totally supported on ASA with of course the same-security-traffic command. For e.g you would like all your internal USERS to acess an INTERNAL website with its EXTERNAL IP, then you can do a static (in,in) netmask 255.255.255.255.

In most cases, where you would like to do such kind of Hairpinning, you need to be mindful of the ASYMMETRIC ROUTING issues. But we have workarounds for them as well..

Thanks,

Vijaya

I would think its some kind of NAT to make an internal server with a public IP accessible to the 10.242.69.0 network

Remember to rate helpful posts and/or mark as a solution if your issue is resolved.