
Send to other gateway in the inside network

RafaelAguilar
Level 1

Hello everyone,

I have a very specific scenario here. We have two gateways in my internal LAN; both are currently Linux, and I plan to migrate one of them to an ASA 5506.

The problem is: I have a situation where I need to push a connection between the two without changing the network clients.

The gateways are 192.168.1.1 and 192.168.1.2;

The machines are configured to have 192.168.1.1 as the gateway;

The final destination is 10.0.0.1 and is accessible by both gateways.

In Linux I can do this at the gateway 192.168.1.1 like this: a route rule, with the gateway being 192.168.1.2, and a NAT rule changing the source to 192.168.1.1.

My question is, is there any way to do this on ASA? When I try to make the NAT rule the ASA gives me an error because the NAT source and destination are the internal card.

nat (any,inside) 6 source dynamic any interface destination static TerminalEXT TerminalEXT

nat (any,inside) 6 source dynamic any interface destination static TerminalEXT T ^erminalEXT

ERROR: % Invalid input detected at '^' marker.

1 Reply

joseph.h.nguyen
Level 1

You can use the hairpin/u-turn technique on your ASA. Read the introduction from https://community.cisco.com/t5/security-documents/hairpin-u-turn-traffic-off-an-interface-on-an-asa-running-8-3-or/ta-p/3129668.

For future improvement, you may want to use a DHCP server to give you the flexibility to make mass changes across network clients if you want.
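
The hairpin (u-turn) approach named in the reply above, sketched as an added ASA configuration example that is not part of the original thread or of the linked Cisco document. It assumes ASA software 8.3 or later, that the ASA takes over 192.168.1.1 on an interface named inside, and that the object TerminalEXT is the host 10.0.0.1; the client address and ports in the packet-tracer line are constructed.

```cisco
! Assumption: the ASA replaces the Linux gateway at 192.168.1.1 (interface "inside")
! and TerminalEXT is the destination host 10.0.0.1 from the question.
object network TerminalEXT
 host 10.0.0.1
!
! Allow traffic to enter and leave the same interface (hairpin/u-turn).
same-security-traffic permit intra-interface
!
! Send traffic for the destination to the other gateway on the same LAN.
route inside 10.0.0.1 255.255.255.255 192.168.1.2
!
! Translate client sources to the ASA's inside address, so replies from
! 192.168.1.2 come back through the ASA instead of going straight to the client.
nat (inside,inside) source dynamic any interface destination static TerminalEXT TerminalEXT
!
! Verify: trace a constructed client flow, then check the rule's hit counters.
packet-tracer input inside tcp 192.168.1.50 12345 10.0.0.1 443
show nat detail
```

The same-security-traffic permit intra-interface command applies to the whole device, so limiting which flows may hairpin is left to any access list applied inbound on the inside interface.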

 
