Solved: Possible to NAT two servers to one external IP for outgoing traffic?

Jesserony · ‎11-16-2022

Good Morning,

I hope i am able to explain this properly. We have an ASA-5516X with the following interfaces:


inside: 192.168.170.22 255.255.255.0
outside: x.x.x.98 255.255.255.224 
DMZ: 172.20.43.21 255.255.255.0

I would like to take two servers:


Server A - 172.20.43.101
Server B - 172.20.43.102

I dont care about them being reachable from the outside. But what i want is to configure a NAT rule so that if i was on Server A or B and went to whatismyip.com it would say x.x.x.99 instead of x.x.x.98 as the other servers are configured by default to NAT to the outside interface IP of x.x.x.98.

Is this possible?

Jesserony · ‎11-16-2022

I think i figured it out but havent tested it yet... does this look correct?

!
!
!
object network Server1
host 172.20.43.101
!
object network Server2
host 172.20.43.102
!
object-group network Server1_2
network-object object Server1
network-object object Server2
!
object network Server1_2_Outside
host x.x.x.98
!
nat (DMZ,outside) 1 source dynamic Server1_2 Server1_2_Outside
!
clear xlate
!
!
!

View solution in original post

Jesserony · ‎11-16-2022

I think i figured it out but havent tested it yet... does this look correct?

!
!
!
object network Server1
host 172.20.43.101
!
object network Server2
host 172.20.43.102
!
object-group network Server1_2
network-object object Server1
network-object object Server2
!
object network Server1_2_Outside
host x.x.x.98
!
nat (DMZ,outside) 1 source dynamic Server1_2 Server1_2_Outside
!
clear xlate
!
!
!