Hi handsy, you may try with:

handsy · ‎09-13-2016

I'm stuck!

I need to get to an IP address on the other side of my Cisco ASA5555-X running 9.5.

Here's the important info (IPs obfuscated for obvious reasons):

Source IP can be anything
Destination IP for clients is 10.92.200.1 (int-map)
NAT'ed to 66.77.88.1 (ext-map)
Source must also be translated to use Interface IP of destination interface

I just cannot get my head round this one, basically I'm trying to get a basic NAT done, followed by a Source IP overwrite.

My initial attempt:

nat (inside,outside) source dynamic any interface destination static ext-map ext-map

...but that clearly misses the step where I translate int-map to ext-map. Can I even do this in 1 line of config??

Matias Ortiz · ‎09-13-2016

Hi handsy, you may try with:

object network OBJ-10.92.200.1
subnet 10.92.200.1 255.255.255.255

nat (inside,outside) source static any OBJ-66.77.88.1 destination static OBJ-10.92.200.1 OBJ-10.92.200.1

Kind regards.-

PS: Please don't forget to rate and mark as correct answer if this answered your question

handsy · ‎09-13-2016

Unfortunately, that does not resolve the rewriting of the source IP as my outside interface address.

handsy · ‎09-13-2016

I've resolved it:

object network int-map
host 10.92.200.1

object network ext-map
host 66.77.88.1

nat (inside,outside) source dynamic any interface destination static int-map ext-map

Very happy :)

Stuck on a NAT problem