cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1172
Views
0
Helpful
2
Replies

Help creating a NAT rule from ASA to FTD using FPMC

justinarendt
Level 1
Level 1

I am trying to figure out how to replicate an existing configuration for NAT from my ASA to a FTD using FPMC to configure the device (5506-X).  I have attached a screenshot of what works now in the ASA.

I want to be able to do port natting from the outside interface on a per port basis using my single EXT IP on the outside interface.

 

All traffic inside, and outbound - nat to EXT IP

Inside ServerA Port 1111UDP - Nat to EXT IP 1111

Inside ServerA Port 1111TCP - Nat to EXT IP 1111

Inside ServerB Port 8080TCP - Nat to EXT IP 8080

 

Basically I want to map multiple internal IP's with different services to be allowed inbound from a single EXT IP on the outside.

 

I can't seem to figure this out on the FTD, but it works great with ASA.

 

Any help would be much appreciated.

 

Cheers,

Justin

2 Replies 2

s7pizzi
Level 1
Level 1

Hi Justin,

I have the same problem. How did you solve it?

yogdhanu
Cisco Employee
Cisco Employee

Hi

 

if you have ASA and migrating to FTD, you can try migration tool to convert the config.

https://www.cisco.com/c/en/us/td/docs/security/firepower/620/asa2ftd-migration/asa2ftd-migration-guide-620/asa2ftd_migration_procedure.html

 

You can try dynamic NAT on FMC for FTD.

 

Hope it helps,

Yogesh

 

 

Review Cisco Networking for a $25 gift card