cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
210
Views
0
Helpful
4
Replies
Highlighted
Beginner

NAT from outside source to an internal server

I have been working on this for months and I am still not able to get this working correctly. What I am trying to accomplish is to allow Usablenet to connect to our staging web server from the internet with an IP range for Usablenet.

The odd thing is this does not seem to be correct

object network web_staging_net

nat (web_staging,outside) dynamic interface

nat (web_staging,outside) source static obj-10.x.x.197 obj-209.x.x.97 destination static Useablenet Useablenet!

ACL

access-list outside_in extended permit tcp object-group Useablenet host 10.x.x.197 eq www

Any help will be greatly appreciated.

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Rising star

Re: NAT from outside source to an internal server

What is the configuration of the object web_staging_net? Is it a subnet or single host?

I would recommend creating a separate host entry for 10.x.x.197 and removing the static NAT entry from the other object.

Something like this:

object network web_10.x.x.197

host 10.x.x.197

nat (web_staging,outside) static obj-209.x.x.97

View solution in original post

4 REPLIES 4
Highlighted
Rising star

Re: NAT from outside source to an internal server

What is the configuration of the object web_staging_net? Is it a subnet or single host?

I would recommend creating a separate host entry for 10.x.x.197 and removing the static NAT entry from the other object.

Something like this:

object network web_10.x.x.197

host 10.x.x.197

nat (web_staging,outside) static obj-209.x.x.97

View solution in original post

Highlighted
Beginner

NAT from outside source to an internal server

It is a single host and web_staging is a network object group and I am just trying to create a one to one relationship.

For example

useablenet connects through 209.x.x.97 that translates to 10.x.x.97 and only allowing usablenet to connect

Highlighted
Rising star

NAT from outside source to an internal server

Please post the current output of:

show run object

show run object-group

show run nat

Highlighted
Beginner

NAT from outside source to an internal server

This has been resolved, it was simply a routing issue where the 209.x.x.97 was not routable.

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here