NAT question on 9.X for source IP

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-03-2016 09:27 AM - edited 03-12-2019 12:41 AM
I have done this in the past, but no longer have access to check my config. What I am looking for an example of is to swap the external host IP with the inside IP of the firewall for inbound connections to a server. We are adding a firewall that eventually will be the main egress, but until migrated to the existing ASA will be default, so as I move servers, they will need to see the inside IP of the new ASA instead of the real IP of the host trying to connect to them. I did it many times in pre-8.3, but only once in 8.4+ and I don't remember what I did, so need an example, either GUI or CLI is fine.
Thanks.
- Labels:
-
NGFW Firewalls
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-04-2016 08:54 AM
This syntax from the Cisco guide may help you.
nat (real_ifc,mapped_ifc) source static real_ob [ mapped_obj | interface ] destination static mapped_obj real_obj service real_src_mapped_dest_svc_obj mapped_src_real_dest_svc_obj
If you specify interface , be sure to also configure the service keyword (in this case, the service objects should include only the source port).
