Buy or Renew
Buy or Renew
Meraki Community is live! Welcome Meraki Members! Learn more here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4639
Views
0
Helpful
6
Replies

how to do a nat using service groups

Go to solution
cisco
Community Member

‎03-16-2017 03:46 AM - edited ‎03-12-2019 02:04 AM

Hi I am trying to do nat using service groups, I have below objects and wondering how to put them together what I have is ASA 5515

network object aaa

host 1.1.1.1

object-group server bbb_dst

service-object tcp destination eq www

service-object tcp destination eq http

object-group server bbb_sour

service-object tcp source eq www

service-object tcp source eq http

network object aaa

nat (inside,outside) xxxxxxxxxxxx bbb_dst bbb_sour

how do I go about above and can this be done

Thanks and Regards

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Koltl
Level 11
Level 11

‎04-02-2017 01:12 PM

http://www.cisco.com/c/en/us/td/docs/security/asa/asa96/configuration/firewall/asa-96-firewall-config/nat-basics.html#ID-2090-00000890

Specify service with the desired protocol keyword and the real and mapped ports. You can enter either a port number or a well-known port name (such as http)

object network aaa-01
 nat (inside,outside) static MAPPED_IPS service tcp 80 8080

(Network Object NAT only.) You can only define a single NAT rule for a given object; if you want to configure multiple NAT rules for an object, you need to create multiple objects with different names that specify the same IP address. For example, object network obj-10.10.10.1-01, object network obj-10.10.10.1-02, and so on.

object network aaa-02
 nat (inside,outside) static MAPPED_IPS service tcp 81 8081

View solution in original post

0 Helpful
6 Replies 6

Go to solution
cisco
Community Member

‎03-24-2017 02:19 AM

Anyone out there? 😞

0 Helpful

Go to solution
cisco
Community Member
In response to cisco

‎03-27-2017 12:17 AM

Hi, I tried google and found some document but things do not go as per the instructions!!!!!!!!!!!!!!!!!!!!!11111

0 Helpful

Go to solution
Peter Koltl
Level 11
Level 11

‎04-02-2017 12:43 PM

Please edit and move your topic to the proper category:

Security > Firewalling

then you will have the chance for readers and answers.

0 Helpful

Go to solution
cisco
Community Member
In response to Peter Koltl

‎04-02-2017 11:32 PM

Hi I am new to this, thank you, will move this

Thank and best Regards

0 Helpful

Go to solution
cisco
Community Member
In response to cisco

‎04-02-2017 11:36 PM

Hi Peter, some one has done the needful, Thanks you

0 Helpful

Go to solution
Peter Koltl
Level 11
Level 11

‎04-02-2017 01:12 PM

http://www.cisco.com/c/en/us/td/docs/security/asa/asa96/configuration/firewall/asa-96-firewall-config/nat-basics.html#ID-2090-00000890

Specify service with the desired protocol keyword and the real and mapped ports. You can enter either a port number or a well-known port name (such as http)

object network aaa-01
 nat (inside,outside) static MAPPED_IPS service tcp 80 8080

(Network Object NAT only.) You can only define a single NAT rule for a given object; if you want to configure multiple NAT rules for an object, you need to create multiple objects with different names that specify the same IP address. For example, object network obj-10.10.10.1-01, object network obj-10.10.10.1-02, and so on.

object network aaa-02
 nat (inside,outside) static MAPPED_IPS service tcp 81 8081

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card