Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
251
Views
0
Helpful
1
Replies

NAT on ASA.

nishikesh
Level 1
Level 1

‎07-20-2016 12:42 PM - edited ‎03-12-2019 01:02 AM

This is about NAT on ASA.

I would like to know about TWICE NAT/ DESTINATION NAT. I know about STATIC NAT, but confused about TWICE NAT/ DESTINATION NAT.

Not sure when TWICE NAT/ DESTINATION NAT required in network. Is there any criteria or specific cases when we use TWICE NAT/ DESTINATION NAT. Why do we need to NAT destination IP?

Can someone please help me to understand these NAT related terms on Cisco ASA.

Your help would be greatly appreciated.

Labels:
0 Helpful
1 Reply 1

Karsten Iwen
VIP
VIP

‎07-20-2016 02:05 PM

Two scenarios:

  1. Twice NAT or policy NAT: All traffic sent out of the outside interface is PATed to a public address. Without extra configuration this PAT would also be applied to traffic that gets sent through a VPN to your Branch. Here Twice NAT is used to exempt the traffic.
  2. Destination NAT: Think about a (totally theoretically) scenario like the following:
    All your 10000 PCs access a server that is located in the DMZ. The client-sofware uses a config-file where the server IP-adress is hardcoded and not configured as a DNS name. After renewing the server, the new server get's a new address in the DMZ. Instead of reconfiguring every single PC (and there is no system-manaement available; well it's just an example ;-) ) you could configure destination-NAT so that the clients still access the old address, but the ASA rewrites that address to the new server.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card