09-02-2016 12:17 AM - edited 03-12-2019 01:13 AM
Hi all,
What will happen , if the below NAT statement is configured in ASA firewall.
What action will happen. Please explain me in detail.
nat (dmz-public,inside) source static net-dmz-public net-dmz-public destination static gpspersonneldoc.saipem.com dmz_f5_gpspersonnel
object network gpspersonneldoc.saipem.com
host 10.0.1.2
description WEBSITE IP - F5 VLAN DATACENTER
object network dmz_f5_gpspersonnel
description gpspersonneldoc.saipem.com - F5 IP ON INTERNET SERVICES DMZ - SDM
host 10.131.5.1
Regards,
Vinodhan.
09-02-2016 12:40 AM
If traffic initiated from any source from object-group net-dmz-public to destination 10.0.1.2 then destination IP will change to 10.131.5.1.
Regards,
Pawan (CCIE 52104)
Kindly rate for useful post
09-02-2016 02:40 AM
Hi Pawan,
Thanks for you information.
I have one more question , In source side ,Why same object groups is configured for two times.
nat (dmz-public,inside) source static net-dmz-public net-dmz-public destination static gpspersonneldoc.saipem.com dmz_f5_gpspersonnel
09-02-2016 03:06 AM
syntax of nat is nat source static real IP NAT IP destination real IP NAT IP.
If source has same real and Map IP then it means source IP will not nat and it will be same
09-02-2016 03:55 AM
Hi pawan,
Thank you so much for the info.
Regards,
Vinodhan
09-02-2016 04:02 AM
Hi pawan,
One more clarification , as you said above this ip : 10.0.1.2 is mapped to this ip:10.131.5.1.
That means from net-dmz-public , only they can see this ip:10.131.5.1 only.
Am I right?
Whether I have understood correctly. If I am wrong please correct me.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide