ā01-18-2016 10:42 AM - edited ā03-12-2019 12:09 AM
Hi!
I am trying to configure a static policy nat rule with port translation but I can't find any configuration example (only auto-nat examples which as far as I understand are based on source IPs only).
HOST1 ------inside------ ASA --------outside-------- HOST2
I want HOST1 to nat to outside interface when communicating only with HOST2 via port 80.
I already defined object service with TCP80 but don't know where to place it on my nat statement.
nat (inside,outside) source static HOST1 interface destination static HOST2 HOST2
I appreciate your help.
Thanks.
Solved! Go to Solution.
ā01-18-2016 11:10 PM
Hi Sulloas,
Try the below syntax.
object network Host1
host 192.168.100.100
object service obj-tcp-80
service tcp destination eq 80
object network Host2
host 1.1.1.1
nat (inside,outside) source dynamic Host1 interface destination static Host2 Host2 service obj-tcp-80 obj-tcp-80
Thanks
Guddu
ā01-18-2016 11:10 PM
Hi Sulloas,
Try the below syntax.
object network Host1
host 192.168.100.100
object service obj-tcp-80
service tcp destination eq 80
object network Host2
host 1.1.1.1
nat (inside,outside) source dynamic Host1 interface destination static Host2 Host2 service obj-tcp-80 obj-tcp-80
Thanks
Guddu
ā01-21-2016 12:41 PM
Hi Guddu,
Thanks for your recomendation! Based on the nat you wrote I just changed it to static and it worked as expected.
Thanks again!
Steph
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide