03-02-2017 12:09 AM - edited 03-12-2019 02:00 AM
Hi All,
I need an advice here on a setup for Cisco ASA.
Is there any possibility to perform a PAT from Public IP to an IP that is located in the firewall in remote site which connected to HQ ASA via IPSEC?
Attached is the diagram of the setup.
Thank you in advance.
03-02-2017 01:07 AM
Yes, but there is a lot of complicated configuration involved.
03-02-2017 01:41 AM
Hi philip,
Is there any documentation that I can refer to?
I've this setup being use but with different firewall vendor. so I want to know how to do it in Cisco ASA.
I went throug their configuration. Its seems like a straight forward mapping from Public IP <> Private IP behind the other Firewall.
03-02-2017 01:43 AM
You need to read up about outside to outside NAT. You'll probably have to use intra-interface as well.
03-02-2017 05:30 AM
Thanks Philip, will look up on it.
03-02-2017 01:50 AM
As Philip already mentioned, this is a quite complicated setup. I would try to avoid it. My favorite ways to solve these problems are:
03-02-2017 05:30 AM
Thanks Karsten for the reply.
Unfortunately I do not have much of an option now since the server is located in a cloud provider. The connection to the cloud provider is via the IPSEC tunnel which is going out the same interface.
I guess, my best bet is allow intra-interface/hair pinning the NAT.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: