Hi, I have a situation that creates a bit of a headache for me.
The task is to use SMB / NetBIOS (Win Server 2008 R2) to open a connection and transfer a file from host 2 to host 1. Sounds easy, I know.
Here's the setup:
Host 1: 192.168.10.34 (on 192.168.10.0/24): on our ASA
VPN-proxy network: 10.14.17.0/28: on our ASA
Host 2: 10.5.26.37 (on 10.5.26.0/24): 3rd party network, cannot touch this
192.168.10.0/24 has a route to 10.5.26.0/24 via 10.14.17.0/28. The ASA dynamically PATs this, so we can open an RDP connection from 192.168.10.0 no problem.
However, 10.5.26.0/24 has NO route to 192.168.10.0/24 (and the 3rd party has refused to add one). In other words, I cannot initiate a connection from 10.5.26.37, because it doesn't know where to go.
What I could do of course is create a static route via a proxy address, say 192.168.10.34 = 10.14.17.10. This would allow me to make a connection from host 2 to host 1. However, doing that breaks initiating a connection from any host that is not host 1, since all return traffic would get sent to host 1.
Now my question is, can I configure the ASA such that only SMB/NetBIOS packets that originate from host 2 get translated to host 1, but all other traffic uses the existing NAT / PAT setup via the proxy network?
I've been trying to figure this out for several weeks now and have hit a wall.
Any help is greatly appreciated!