Solved: Re: object NAT with twice NAT functionality

aruns1770 · ‎09-11-2020

Hi All,

as per current setup we are using web server and object NAT has been configured, there is new requirement that new web server has been installed and clients need to be migrated from old server to new server one by one without changing the URL so if i configure twice NAT with same public IP and real server as new server IP with source IP that need to be migrated to new web server.

Current configuration:

object network webserver_public
host 1.1.1.1
object network webserver_private
host 10.0.0.1
nat (inside,outside) static webserver_public service tcp https https

proposed Twice NAT configuration:

object network webserver_private_new
host 10.0.0.2

object network websource
host 2.2.2.2

object network webserver_private_new
host 10.0.0.2
nat (inside,outside) source static webserver_private_new webserver_public destination static websource websource service SSH_1 SSH_1

so my doubt is if i configure both object NAT and twice nat, will it prefer twice NAT when the source and destination IP matches and it will prefer object NAT for rest of the IP's

Rob Ingram · ‎09-12-2020

Hi @aruns1770

You are correct. The packet will attempt to match the Manual (twice) NAT rule first, if it does not match, it will then move on and attempt to match the Auto NAT rules.

HTH

View solution in original post

Rob Ingram · ‎09-12-2020

Hi @aruns1770

You are correct. The packet will attempt to match the Manual (twice) NAT rule first, if it does not match, it will then move on and attempt to match the Auto NAT rules.

HTH