10-18-2019 12:52 PM
Hi guys,
today I am faced with a NAT issue and want to ask you for your valued advice.
An external host (and only this host) should access the outside interface of the ASA (OS rel. 8.4(7)30) and this should be translated to an internal server for all kind of traffic. (I test with HTTP)
This translation should only be able for the external host IP because other hosts connect to the outside interface of the ASA too for AnyConnect etc. and this should not be affected!
I entered an ACL with the real address of the internal server as the destination and I tried different NAT-commands but the access failed every time.
The relevant code:
interface Ethernet0/0 nameif if0 security-level 0 ip address 217.x.y.z 255.255.255.248 interface Ethernet0/1 nameif if1 security-level 100 ip address 10.1.1.1 255.254.0.0 object network BABV host 141.a.b.c object network BABV-Server host 10.1.6.121 access-list if0_access_in extended permit ip object-group BABV object BABV-Server nat (if1,if0) source static BABV-Server BABV
The NAT-command ist most likeky wrong but I tried a lot of other variants and all failed.
Let's asume that no other NAT-command is configured on the ASA.
Can someone tell me the correct NAT-command for this situation or what's to do to get this working?
Thanks a lot for all your hints!!!
Bye
Rico
Solved! Go to Solution.
10-21-2019 01:33 AM
10-21-2019 01:33 AM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: