03-19-2015 06:56 AM - edited 03-11-2019 10:39 PM
I installed an ASA 5585 firewall for one of our customer. I am trying to map inside antivirus IP 10.10.10.2 to the outside interface IP 192.168.10.4
Here is the NAT configuration. Please assist whether this configuration will work, post I need to implement the same.
interface GigabitEthernet0/4
nameif MD_MSCO
security-level 0
ip address 192.168.10.4 255.255.255.128 standby 192.168.10.5
interface Port-channel20.30
nameif Non-App
security-level 100
ip address 10.124.27.164 255.255.255.248 standby 10.124.27.165
ciscoasa(config)# object network my-inside-net
ciscoasa(config-network-object)# host 10.10.10.2
ciscoasa(config-network-object)# nat (Non-App,MD_MSCO) dynamic interface
Solved! Go to Solution.
03-19-2015 07:05 AM
Looks good as long as you only need dynamic NAT sourced from the AV server. If you need any sort of access from the outside in to the AV server then you would need to use static NAT. I'm sure it is there, but make sure you have a route for 10.10.10.2 or the network it lives on back through the Non-App interface.
03-19-2015 07:05 AM
Looks good as long as you only need dynamic NAT sourced from the AV server. If you need any sort of access from the outside in to the AV server then you would need to use static NAT. I'm sure it is there, but make sure you have a route for 10.10.10.2 or the network it lives on back through the Non-App interface.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide