Scenario Detail:
Outside interface IP ASA: 1.1.1.1
Inside Interface IP ASA: 2.2.2.1
Public IP Address for NAT: 1.1.1.10
Server1 IP Address: 10.10.10.10: 25
Server2 IP Address: 11.11.11.10: 443
1)
Server1 has a default route to ASA: No issues.
2)
Server2 does not have a default route ASA
Initially distend for Public IP 1.1.1.10:443 is statically NATed to server2 11.11.11.10:443.
Server2 does not have a default route to ASA, in that case ASA can route to Server2 but Server2 can not route back to ASA for Internet Addresses.
To overcome this situation, I think, I should translate internet (any) addresses (Sources Addresses) to ASA indside interface IP Address.
So the Server2 sees this connection coming from ASA inside address.
-Two NATs are required
1)
Static 11.11.11.10:443 > 1.1.1.10:443
2)
a. Any > 1.1.1.10:443
First Translation through Static NAT:
b. Any > 11.11.11.10:443
Second Translation of Source Address (internet Address):
c. 2.2.2.1 > 11.11.11.10:443
Is it Doable? if Yes, What would be the syntex for ASA 8.3?
Please do let me know I missed something...
Your help will be highly appecited.
Mudasir