Dynamic NAT Inbound translation

clex12345 · ‎06-02-2011

Hi.

I have ASA 5510 and public FTP server from my local network to external IP address, with static nat translation. All works, but I need request to ftp come from internal ASA interface ( need use gateway different ASA).

How configured ASA for forwarding request ?

varrao · ‎06-02-2011

Hi Clex,

Could you please provide a running-config from the ASA, what you are trying to do is u-turning on the ASA, i would need the ip address of the ftp (public and private) as well a the network from where you are trying to reach the server.

Thanks,

Varun

Thanks,
Varun Rao

clex12345 · ‎06-02-2011

Hi, Varun

access-list external_access_in extended permit tcp any interface external eq ftp

access-list external_nat_outbound extended permit tcp any host 192.168.0.13 eq ftp
pager lines 24
logging enable
logging asdm informational
mtu internal 1500
mtu external 1500
mtu management 1500
ip verify reverse-path interface external
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-641.bin
no asdm history enable
arp timeout 1440
global (internal) 10 interface
global (external) 1 interface
nat (internal) 1 192.168.0.0 255.255.254.0
nat (external) 10 access-list external_nat_outbound outside
static (internal,external) tcp interface ftp 192.168.0.13 ftp netmask 255.255.25
5.255
access-group external_access_in in interface external
!
router rip

varrao · ‎06-02-2011

Hi Clex,

Thanks for the config...but i am still not sure about your requirement, do you want users on the internal interface to access your FTP server on its public ip?? Plz describe it a bit.

Thanks,

Varun

Thanks,
Varun Rao

clex12345 · ‎06-02-2011

No, access any place from public network