source and destination nat

SOL10 · ‎11-13-2012

Hi guys

Is it possible to carry out source and destination nat (two way nat on cisco ASA8.4) - never done this set up on 8.4

My network is this:

Internet

|

| x.x.x.62

ASA (outside)

|

ASA (inside) 10.10.10.253

|

--------------------------------------------------------------------------------

| |

Server1 - 10.10.10.243 Server2 - 10.10.10.244

Public NAT IP - 77.x.x.24 Public NAT IP - 77.x.x.25

I would like it so what wen PC A with a public IP of 86.x..253 tries to access Server 1 on publicIP - the source address of host A is changed to the Inside IP of ASA 10.10.10.253 and servers then reply back to 10.10.10.253 (inside IP of ASA) which then re-translates it out back to 86.x.x.x253

thanks

Collin Clark · ‎11-13-2012

Why do you need to translate the client to the inside IP of the ASA?

SOL10 · ‎11-13-2012

colin

the server in question is an open source FW - and the dont want that to have a default gateway out.

Jennifer Halim · ‎11-13-2012

Let's use a spare ip address in the same subnet as the ASA inside interface for the NAT (assuming that 10.10.10.251 is free (pls kindly double check and use a free IP Address accordingly):

object network obj-10.10.10.243

host 10.10.10.243

object network obj-77.x.x.24

host 77.x.x.24

object network obj-10.10.10.251

host 10.10.10.251

object network obj-pcA

host 86.x.x.253

nat (inside,outside) source static obj-10.10.10.243 obj-77.x.x.24 destination static obj-10.10.10.251 obj-86.x.x.253

Hope that helps.