Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
372
Views
0
Helpful
1
Replies

how can i config PIX/ASA to append real source ip address to server after nat.

fly
Level 2
Level 2

‎05-09-2013 03:59 AM - edited ‎03-11-2019 06:41 PM

                   clients in internal , Server located in DMZ

                   client visit server, server can only see transaled source address

                   cu want to see real client ip address , how can i config PIX/ASA to achieve this.

                   traffic is not only http, such as video, and some customer's application.

                  thank you!

Tom

Labels:
0 Helpful
1 Reply 1

julomban
Level 3
Level 3

‎05-09-2013 05:01 AM

Tom,

You can use NAT 0 accomplish this.

Example:

Internal client: 10.10.10.2

DMZ server: 192.168.1.2

NAT 0:

access-list nat_0 permit ip host 10.10.10.2 host 192.168.1.2

nat (nside) 0 access-list nat_0

The above rules automatically allow users to communicate using the real IP addresses.

Regards,

Juan Lombana

Please rate helpful posts.

0 Helpful
Review Cisco Networking for a $25 gift card
Top