Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
431
Views
0
Helpful
1
Replies

Bi-directional STATIC NAT?

nick.szilagyi
Level 1
Level 1

‎07-03-2016 05:39 AM - edited ‎03-12-2019 12:59 AM

Hi all,

quick question - if i configured an object called AVobject (IP of host 192.168.4.2) to NAT to an outside IP address (i.e 50.50.50.50), do I need to create an additional outside rule to translate it back?

(50.50.50.50, translated to 192.168.4.2). The scenario here is I have an AV object that needs to be translated to a WAN IP, any inbound traffic to the ASA to that WAN IP needs to be forwarded to that LAN IP.

My upstream rule appears to work on packet tracer, however returning the traffic I am having an issue with it.

I have a permit any, AVobject, AVServiceGroup, permit. Is the issue that I am setting the destination as the AV object which is using an RFC address?

Labels:
0 Helpful
1 Reply 1

nick.szilagyi
Level 1
Level 1

‎07-03-2016 05:42 AM

think ive just answered my own question - I've just tested and appears to work by amending the ACL destination to the WAN IP instead of the internal object IP.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card