Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
944
Views
0
Helpful
0
Replies

Source and Destination NAT on ASA 5520

jebedoya511
Level 1
Level 1

‎08-17-2020 04:09 AM

Hello,

I need to configure the SRC and DST nat for The Active Directory domain needs to reach a DST nat to contact the external DNS

 

Src 10.168.138.10
DNS forwarder 172.21.2.130
SNAT 194.169.30.1
DNAT 8.8.8.8

 

This is my configuration.

 

The interface incoming is Transit_internet

The outgoing interface is Internet

access-list Transito_Internet_access_in extended permit tcp object-group H-10.168.138.10 object-group DNAT_172.21.2.130 object-group DNS log warnings

 

static (Transito_Internet,Internet) 194.169.30.1  10.168.138.10 netmask 255.255.255.255

static (Transito_Internet,Internet) 8.8.8.8 172.21.2.130 netmask 255.255.255.255

 

My goal is that real src 10.168.138.10 contact the DNAT on ASA 172.21.1.130 after that applies the source NAT with 194.169.30.1 to contact the external DNS

 

This config could be ok?

 

Thanks

 

 

 

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card