08-17-2017 11:01 AM - edited 03-12-2019 02:50 AM
I have a scenario about Policy static NAT in ASA 9.6
I have server listening on port tcp/8443. It will be accessed from specific networks in internet. I want to NAT my server to public IP but port specific only for those specific networks in internet. Is it possible?
object network <server's public IP address>
host <server's public IP address>
object network <Internet hosts/network>
host <Internet hosts/network>
object service TCP_HTTPSCA
service tcp destination eq 8443
nat (inside,outside) source static <server's private IP address> <server's public IP address> destination static <Internet hosts/network> <Internet hosts/network> service TCP_HTTPSCA TCP_HTTPSCA
but above is not working!
Below is working...but its not port specific...how can i make it port specific?
nat (inside,outside) source static <server's private IP address> <server's public IP address> destination static <Internet hosts/network> <Internet hosts/network>
08-17-2017 08:50 PM
Hi,
The NAT configuration looks fine.
Can you post the packet-tracer output for this traffic?
packet-tracer input outside
Regards,
Aditya
Please rate helpful and mark correct answers
08-31-2017 04:37 AM
:) It is working fine!
I dont know where i was doing the mistake but port specific (policy NAT) is working!
Thanks.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: