Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
311
Views
0
Helpful
1
Replies

Having Trouble with NAT configurations

MathewBehr
Level 1
Level 1

‎05-15-2013 05:00 AM - edited ‎03-11-2019 06:43 PM

                   We recently had our firewall expert leave and i have been tasked with trying to fill his spot

we are in the middle of DR testing and im having issues getting to a resource that connected on the outside interface of my ASA,

The following in a edited exert frommy config,

Am i doing it right i guess is my question

interface Ethernet0/5
switchport access vlan 999

interface Ethernet0/7
switchport access vlan 998

interface Vlan998
description Disaster Recovery NAT Network
nameif insidedr
security-level 100
ip address 10.1.1.1 255.255.255.0

interface Vlan999
description Recovered DR Network 10.2.2.1
nameif outsidedr
security-level 0
ip address 10.2.2.1 255.255.255.0

object network Address_i_need_to_get_to
host 10.2.2.2


object network Address_i_target
host 10.1.1.2

nat (insidedr,outsidedr) source static Address_i_target Address_i_need_to_get_to

Labels:
0 Helpful
1 Reply 1

Jouni Forss
VIP Alumni
VIP Alumni

‎05-15-2013 05:31 AM

Hi,

If I understood you requirements correctly THEN I think you should have the interfaces the other way around.

nat (outsidedr,insidedr) source static Address_i_target Address_i_need_to_get_to

This would basically tell the ASA to NAT the IP address 10.2.2.2 on "outsidedr" to the IP address 10.1.1.2 on the "insidedr"

- Jouni

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card