Re: mutliple outbound destination nat

jvardhan29 · ‎03-18-2011

hi experts

i have a host and server in the same range sititng inside of firewall, is the below communication possible from inside host (10.10.4.3) to inside server (10.10.4.4) which belongs to the same range by doing destination NAT .Firewall inside interface is VLAN100 and is gateway of both the machines

Inside host -----
                     |
                    L2 ---(VLAN100)ASA
                     |

Inside server----

static (VLAN100,VLAN100) 112.97.2.14 10.10.4.4 netmask 255.255.255.255

when i try to access 112.97.2.14 from 10.10.4.3 it works but below one doesnt and gives an error "duplicate of existing static " when i configure it

static (VLAN100,VLAN100) 112.97.2.15 10.10.4.4 netmask 255.255.255.255

i understand the error but is it possible to configure both somehow and make them work (may be with policy based nat )

Federico Coto Fajardo · ‎03-18-2011

Hi,

The error is because you're trying to assign to public IPs statically to the same internal IP.

Just with the command:

static (VLAN100,VLAN100) 112.97.2.14 10.10.4.4 netmask 255.255.255.255

You can access the server via 112.97.2.14

What's the idea of adding this command?

static (VLAN100,VLAN100) 112.97.2.15 10.10.4.4

You want to access the server via 112.97.2.14 or via 112.97.2.15?

Federico.

jvardhan29 · ‎03-19-2011

hi ,

yes my req.is to destination nat 2 public to same private ip .and i know the error will come but i want to know if there is any fix or workaround for the same

static (VLAN100,VLAN100) 112.97.2.14 10.10.4.4 netmask 255.255.255.255

static (VLAN100,VLAN100) 112.97.2.15 10.10.4.4 netmask 255.255.255.255

jvardhan29 · ‎04-02-2011

hi experts

can someone guide and lemme know if the requirement is possible . thanks