Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1776
Views
0
Helpful
2
Replies

Policy static NAT in ASA 9.6

Syed Yasir Imam
Level 1
Level 1

‎08-17-2017 11:01 AM - edited ‎03-12-2019 02:50 AM

I have a scenario about Policy static NAT in ASA 9.6


I have server listening on port tcp/8443. It will be accessed from specific networks in internet. I want to NAT my server to public IP but port specific only for those specific networks in internet. Is it possible?

object network <server's public IP address>
host <server's public IP address>

object network <Internet hosts/network>
host <Internet hosts/network>

object service TCP_HTTPSCA
service tcp destination eq 8443

nat (inside,outside) source static <server's private IP address> <server's public IP address> destination static <Internet hosts/network> <Internet hosts/network> service TCP_HTTPSCA TCP_HTTPSCA

but above is not working!

Below is working...but its not port specific...how can i make it port specific?

nat (inside,outside) source static <server's private IP address> <server's public IP address> destination static <Internet hosts/network> <Internet hosts/network>

Labels:
0 Helpful
2 Replies 2

Aditya Ganjoo
Cisco Employee
Cisco Employee

‎08-17-2017 08:50 PM

Hi,

The NAT configuration looks fine.

Can you post the packet-tracer output for this traffic?

packet-tracer input outside tcp <internet host ip > 5656 <server's public IP address> 443 detailed

Regards,

Aditya

Please rate helpful and mark correct answers

0 Helpful

Syed Yasir Imam
Level 1
Level 1
In response to Aditya Ganjoo

‎08-31-2017 04:37 AM

:) It is working fine! 

I dont know where i was doing the mistake but port specific (policy NAT) is working!

 

Thanks.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card