Hello,
First, I'm not an expert in networking, I am a sysadmin.
I have access to our Cisco ASA via the ASDM GUI (v7.8).
I have 2 servers on a private network (same subnet, serv1 192.168.0.1 and serv2 192.168.0.2) and 1 IP on the public network (say, 18.18.18.18).
I need to PAT outside (world) connections to our two internal servers.
I would like to achieve this:
connecting to 18.18.18.18:5001 would PAT to 192.168.0.1:5001
connecting to 18.18.18.18:5002 would PAT to 192.168.0.2:5002
I managed to get the first PAT to work (using the "NAT RULES" tab), but when I try to add the second PAT I get
"Pool (0.0.0.0) overlap with existing pool"
I know this is theoretically possible, but I don't know how to achieve this using the ASDM GUI (the only access I have).
I can do this with an easy iptables NAT table, but I'm missing something for ASDM.
Thanks for any help :)
Edit: more details:
Each NAT rule is created with the following options (see attached crafted capture)
Edit2:
OK, found something: I think I need to provide "Source interface" too, but the problem is I don't have sufficient rights to see the external network card of the ASA, I think.
I tried using dynamic PAT (Hide), and got it to work for both ports, but not the way I want: the ASA hides the original IP, and it's a security matter for us to have fail2ban up and running to block external IPs brute-forcing.