08-07-2018 12:05 PM - edited 02-21-2020 08:04 AM
I have a ASA 5505 and ASA 5508x. In reference to the attached diagram. I am looking to fail-over a Public IP B to ASA 5508x through ASA5505. The only reason for this configuration is the ASA5505 is with ISP A and with out paying a huge amount we can an additional IP address for a fraction of the cost. The ASA5508x is with ISP C.
How do I program the ASA5505 to forward all traffic that comes from Public IP B to ASA5508x?
08-07-2018 12:25 PM
The logic is like this:
nat (outside,asaic) source dynamic any4 obj-hideaddr destination static PUB-B PRIV-B unidirectional
Source Internet addresses must be hide-NATed otherwise return traffic would exit on PUB-C interface.
Destination address translation follows the usual static translation method.
asaic is the ASA interconnect link. Never use the 'failover' term for something that is not failover.
08-07-2018 01:01 PM
@Peter Koltl wrote:
The logic is like this:
nat (outside,asaic) source dynamic any4 obj-hideaddr destination static PUB-B PRIV-B unidirectional
Hey Peter thanks for the information! Got it interconnect not fail-over.
To clarify, in your logic example.
asaic = ASA5508x
obj-hideaddr = ? (what is this object suppose to be)
PUB-B = (is an object with the Public IP) x.x.x.C
PRIV-B = (is an object network for Private Net B) ie. 192.168.1.0
Regards,
Pierre
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: