Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
426
Views
0
Helpful
1
Replies

Send to other gateway in the inside network

RafaelAguilar
Level 1
Level 1

‎04-12-2019 09:57 AM

Hello everyone,

 

I have a very specific scenario here. We have two gateways in my internal LAN, the two are currently linux and I plan to migrate one of them to an ASA 5506.

 

The problem is: I have a situation that I need to push a connection between the two without changing the network clients.

 

The gateways are 192.168.1.1 and 192.168.1.2;

The machines are configured to have 192.168.1.1 as the gateway;

The final destination is 10.0.0.1 and is accessible by both gatways.

 

In linux I can change by doing at the gateway 192.168.1.1 like this: A route rule, with the gatway being 192.168.1.2 and a NAT rule changing the source to 192.168.1.1.

 

My question is, is there any way to do this on ASA? When I try to make the NAT rule the ASA gives me an error because the NAT source and destination are the internal card.

 

nat (any,inside) 6 source dynamic any interface destination static TerminalEXT TerminalEXT

nat (any,inside) 6 source dynamic any interface destination static TerminalEXT T ^erminalEXT

ERROR: % Invalid input detected at '^' marker.

Labels:
0 Helpful
1 Reply 1

joseph.h.nguyen
Level 1
Level 1

‎04-12-2019 01:00 PM

You can use hairpin/u-turn technique on your ASA.  Read the introduction from https://community.cisco.com/t5/security-documents/hairpin-u-turn-traffic-off-an-interface-on-an-asa-running-8-3-or/ta-p/3129668.

For future improvement, you may want to use DHCP server to enable you the flexibility to make mass changes across network clients if you want.

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card