03-08-2007 11:54 AM - edited 03-11-2019 02:43 AM
I need to NAT an outside IP to an inside IP, but I do not want to change the source IP address.
Anyone have any luck with getting SIP to pass through the 5520 without changing the source IP?
03-08-2007 12:15 PM
outside--->inside communication :
on internet:
source ip(1.1.1.1)...destination ip(2.2.2.2)
on asa's outside interface :
static (inside,outside) 2.2.2.2 4.4.4.4
as soon as this translation is processed ,the new packet is :
source ip(1.1.1.1).....destination ip(4.4.4.4)
this packet is sent to inside interface as per static.
so,source ip never changed.
it was the destination which changed.
_________________-
inside to outside communication :
inside(192.168.1.2) ip trying to access 200.200.200.220 on internet.
inside interface :
source( 192.168.1.2)..dest. ip( 200.200.200.220)
nat (inside) 1 192.168.1.2 255.255.255.255
global (outside) 1 interface
on oustside interface
source ip (outside interface's pat address ).....dest. address ( 200.200.200.220)
so,source ip is changing here.
what say ?
03-08-2007 04:41 PM
The NAT statements are inline with what I'm running here. The issue I'm seeing is that as the SIP traffic from the outside Internet reaches the ASA5520, it's changing the SIP INVITE message from my outside address to my inside address.
Would this have anything to do with stateful inspection? I tried turning it off with creating a policy map inspect sip. But that doesn't seem to help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide