Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
138
Views
0
Helpful
1
Replies

NAT question on 9.X for source IP

tahscolony
Level 1
Level 1

‎05-03-2016 09:27 AM - edited ‎03-12-2019 12:41 AM

I have done this in the past, but no longer have access to check my config. What I am looking for an example of is to swap the external host IP with the inside IP of the firewall for inbound connections to a server.  We are adding a firewall that eventually will be the main egress, but until migrated to the existing ASA will be default, so as I move servers, they will need to see the inside IP of the new ASA instead of the real IP of the host trying to connect to them.  I did it many times in pre-8.3, but only once in 8.4+ and I don't remember what I did, so need an example, either GUI or CLI is fine.

Thanks.

Labels:
0 Helpful
1 Reply 1

adityan404
Level 1
Level 1

‎05-04-2016 08:54 AM

This syntax from the Cisco guide may help you.

nat (real_ifc,mapped_ifc) source static  real_ob  [ mapped_obj |  interface ] destination  static  mapped_obj  real_obj  service  real_src_mapped_dest_svc_obj  mapped_src_real_dest_svc_obj

If you specify interface , be sure to also configure the service keyword (in this case, the service objects should include only the source port).

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card