Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1369
Views
0
Helpful
3
Replies

NAT forwarding on ASA to public Cloud

sreeraj.murali
Level 3
Level 3

‎10-23-2019 08:33 AM - edited ‎02-21-2020 09:37 AM

Hi Experts, Please check and suggest, if the attached design is a workable solution.

Currently, working on migrating existing Apps to public cloud, since the customer dont want to change the public IP for the apps,resources, looking to forward the customer (VPN and Internet traffic) using the existing onpremise ASA to public cloud. Kindly advice.

 

Thanks in advance

Sreeraj Murali

 

Preview file
47 KB
0 Helpful
3 Replies 3

slicerpro
Level 1
Level 1

‎10-23-2019 08:54 AM

I would check with your AWS/Google/Azure solutions architect.

0 Helpful

sreeraj.murali
Level 3
Level 3
In response to slicerpro

‎10-23-2019 11:41 PM

Yes, done that. Have doubt, that can we achieve, the below NAT configuration on ASA. Please suggest and advice,if below static NAT and NO NAT is configurable on ASA.

                                                                                                                                               Internet

=============     Private Dedicated                        =============|                           /<-------->Internet users

 10.20.32.0/21 |     <--------------> 10.240.5.4 --|Cisco ASA Fw  |---1.1.1.1 <--->                        

=============            circuit                                   ============ |     (pub ip)         \<--------->Customer DC

                                                                                                                                           site to site (10.90.10.0/24)

                                                                                                                                                  vpn

                                                                                  ASA static NAT

                                                                               10.20.32.2 --1.1.1.2

                                                                               10.20.32.3 --1.1.1.3

                                                                               10.20.32.4 --1.1.1.4

                                                                                     No NAT

                                                                              10.20.32.0/24--10.90.10.0/24

0 Helpful

bhargavdesai
Spotlight
Spotlight
In response to sreeraj.murali

‎10-24-2019 02:32 AM

It seems workable and fine. You also have to look for the Routing part on the Private Dedicated Cloud connecting to  ASA. 

 

 

 

HTH

### RATE ALL HELPFUL RESPONSES ###

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card