FWSM support for source NAT??

kosalasuranjith · ‎08-24-2011

Hi,

Is that FWSM support for Source NAT??

If so, can anybody tell me how to do that?

our requirement as follows.

We have statically NAT 192.168.1.1 to 220........public IP.

When a packet comes from outside the original source (public IP) shows to the destination.

But one client need it to be shown from gateway IP.

Can this be done in FWSM??

Kosala

Jennifer Halim · ‎08-24-2011

Not sure I understand what you mean by "to be shown from gateway IP". What do you mean by that?

Can you please explain with IP Address what you are trying to achieve on the FWSM?

So currently you have 192.168.1.1 (connected to inside) and you are NATing it to a public IP (say: 2.2.2.220, when traversing to the outside interface).

So you have:

static (inside,outside) 2.2.2.220 192.168.1.1 netmask 255.255.255.255

And when the packet is originating from the outside, the destination should be 2.2.2.220, and source would be the source IP on the internet (from the client).

kosalasuranjith · ‎08-24-2011

Yes. But the client need to change that 'source IP on the internet (from the client).'

and show the source IP as 192.168.1.254 (which ll be the gateway of 192.168.1.1 which is on FWSM)

Jennifer Halim · ‎08-24-2011

OK, so the client's ip address on the internet, he would like to change it to an internal address in the same subnet as your inside interface.

You can not use the inside gateway ip address, however, you can use a unique ip address in the same subnet.

So for example: if 192.168.1.220 is a spare ip address (not being used for anything), then you can configure the following:

static (outside,inside) 192.168.1.220 netmask 255.255.255.255