08-02-2017 06:00 AM - edited 03-12-2019 02:46 AM
Dear Experts,
Scenario :
PC A (windows Server 2012 with two banking Applications hosted on it) IP : 10.60.2.37
Application 1 needs to reach to Server IP : 192.168.123.171
Application 2 needs to reach To Server IP : 192.168.123.221
When Application 1 goes to his server his packets should be natted to 192.168.123.150
When Application 2 goes to his server his packets should be natted to 192.168.123.160
i.e depending upon the destn address i need to do natting for my ip : 10.60.2.37
IS it possible ..?
IF yes ..how can i write nat in asa 9.4 ..?
Awaiting ...
Solved! Go to Solution.
08-14-2017 11:23 AM
Just browsing this sub and thought I'd give a shout back. Yes, you can do this but you'll need to create objects for the IP addresses prior to adding the NAT statements and then reference those objects in the NAT statement; in the examples I'll simply use obj-<ip_address> to make it easy. Also, I'm going to presume the interfaces are INSIDE and OUTSIDE, if not simply adjust the verbiage to your needs:
For Application 1:
nat (inside,outside) source dynamic obj-10.60.2.37 obj-NAT-192.168.123.150 destination static obj-192.168.123.171 obj-192.168.123.171
For Application 2:
nat (inside,outside) source dynamic obj-10.60.2.37 obj-NAT-192.168.123.160 destination static obj-192.168.123.221 obj-192.168.123.221
08-10-2017 10:52 PM
IS there anybody on the floor ..?
Awaiting valuable responses...
08-14-2017 11:23 AM
Just browsing this sub and thought I'd give a shout back. Yes, you can do this but you'll need to create objects for the IP addresses prior to adding the NAT statements and then reference those objects in the NAT statement; in the examples I'll simply use obj-<ip_address> to make it easy. Also, I'm going to presume the interfaces are INSIDE and OUTSIDE, if not simply adjust the verbiage to your needs:
For Application 1:
nat (inside,outside) source dynamic obj-10.60.2.37 obj-NAT-192.168.123.150 destination static obj-192.168.123.171 obj-192.168.123.171
For Application 2:
nat (inside,outside) source dynamic obj-10.60.2.37 obj-NAT-192.168.123.160 destination static obj-192.168.123.221 obj-192.168.123.221
08-16-2017 05:13 AM
thank you sir..
yes this does resolved my issue in my lab.
in production i used something from the link below..
https://www.velocityreviews.com/threads/asa-nat-based-on-destination-address.556079/
kindly share other valuable suggestions if any ...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide