Nat single inside host to public IP.

Yoeri Oppelaar · ‎03-26-2012

Good day all,

im sure that this questing has bin asked many times. but i can't figure this this out.

one of my customers has a mail server. i have nat and firewall rules that permits smtp/https access on 1 of there public ip adresses.

now we need reverse dns for mail security so I want that all traffic the is sending from inside host 192.168.169.100 to be send out with a different public ip then that is used by the dynamic nat rule for the rest of the network.

the ASA uses SW level 8.04

can some one help me with this.

thanks in advance.

Yoeri

Dennis Mink · ‎03-27-2012

You will need to use static NAT, so a 1:1 NAT between 192.168.169.100:

check this URL: http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/nat_static.html

hope it helps

Please remember to rate useful posts, by clicking on the stars below.

Yoeri Oppelaar · ‎03-28-2012

thanks for response Minkdennis,

so if i understand correctly I'll get a NAT rule that is something like.

static (inside,outside) 1.1.1.2 192.168.169.100 netmask 255.255.255.255.

i have also some statics for smtp and https, do i need to remove them?

thanks Yoeri