cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4206
Views
0
Helpful
6
Replies

how to do a nat using service groups

cisco
Level 1
Level 1

Hi I am trying to do nat using service groups, I have below objects and wondering how to put them together what I have is ASA 5515

network object aaa

host 1.1.1.1

object-group server bbb_dst

service-object tcp destination eq www

service-object tcp destination eq http

object-group server bbb_sour

service-object tcp source eq www

service-object tcp source eq http

network object aaa

nat (inside,outside) xxxxxxxxxxxx bbb_dst bbb_sour

how do I go about above and can this be done

Thanks and Regards

1 Accepted Solution

Accepted Solutions

Peter Koltl
Level 7
Level 7

http://www.cisco.com/c/en/us/td/docs/security/asa/asa96/configuration/firewall/asa-96-firewall-config/nat-basics.html#ID-2090-00000890

Specify service with the desired protocol keyword and the real and mapped ports. You can enter either a port number or a well-known port name (such as http)

object network aaa-01
 nat (inside,outside) static MAPPED_IPS service tcp 80 8080

(Network Object NAT only.) You can only define a single NAT rule for a given object; if you want to configure multiple NAT rules for an object, you need to create multiple objects with different names that specify the same IP address. For example, object network obj-10.10.10.1-01, object network obj-10.10.10.1-02, and so on.

object network aaa-02
 nat (inside,outside) static MAPPED_IPS service tcp 81 8081

View solution in original post

6 Replies 6

cisco
Level 1
Level 1

Anyone out there? :(

Hi, I tried google and found some document but things do not go as per the instructions!!!!!!!!!!!!!!!!!!!!!11111

Peter Koltl
Level 7
Level 7

Please edit and move your topic to the proper category:

Security > Firewalling

then you will have the chance for readers and answers.

Hi I am new to this, thank you, will move this

Thank and best Regards

Hi Peter, some one has done the needful, Thanks you

Peter Koltl
Level 7
Level 7

http://www.cisco.com/c/en/us/td/docs/security/asa/asa96/configuration/firewall/asa-96-firewall-config/nat-basics.html#ID-2090-00000890

Specify service with the desired protocol keyword and the real and mapped ports. You can enter either a port number or a well-known port name (such as http)

object network aaa-01
 nat (inside,outside) static MAPPED_IPS service tcp 80 8080

(Network Object NAT only.) You can only define a single NAT rule for a given object; if you want to configure multiple NAT rules for an object, you need to create multiple objects with different names that specify the same IP address. For example, object network obj-10.10.10.1-01, object network obj-10.10.10.1-02, and so on.

object network aaa-02
 nat (inside,outside) static MAPPED_IPS service tcp 81 8081

Review Cisco Networking for a $25 gift card