Hey Experts,

I'm struggling with a NAT config and would appreciate some help to get myself going! Its a Cisco FWSM running version 4 in a 6509.

We have a requirement to "Hide NAT" traffic coming from a Load Balancer IP behind the interface of the network it is accessing. So far this works fine:

global (first_interface) 1 interface

nat (inside) 1 10.10.10.10 255.255.255.255

In this example, 10.10.10.10 is the IP that the LB uses to send traffic and when it sends to the servers behind the first_interface it is translated successfully and all is good.

Now, I need to add a second interface to the mix, so when the LB sends traffic to the second_interface, the traffic is also hidden, but this time its hidden behind the second_interface.

I can't add a second NAT pool entry that matches the same source IP, as I get a duplicate NAT entry error. If I try adding  a second global statement as follows:

global (second_interface) 1 interface

Then it also doesn't work - I'm guessing because the NAT process is kicking in before the routing is decided? It's late, so I'm fed up of looking at it. Can someone let me know if I am missing something obvious here!?

Any information would be much appreciated!

Cheers

Jon