Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
335
Views
10
Helpful
1
Replies

Need to do PAT/NAT on Outside interface of ASA with the below requirement

nasum5245
Level 1
Level 1

‎11-09-2020 04:46 AM

Hi Everyone,

 

I need some help from you people in the below requirement configuration in ASA.

I have an ASA deployed with inside and outside interfaces configured.

 

>> When users access the Outside interface of ASA ( https://20.1.1.3:443 ) with port 443 ASA should do a PAT/NAP and forward the traffic to the internal resource https://10.1.1.10:443

>> When users access the same outside interface of ASA ( https://10.1.1.3:444 ) with port 444 it should forward the traffic to https://10.1.1.11:443

>> All the traffic is based on https alone but need to achieve this with custom ports.

Help me if this use case is possible with ASA and if yes, kindly help me with the configuration.

 

Thanks and Regards

Labels:
1 Reply 1

amikat
Level 7
Level 7

‎11-11-2020 01:08 PM - edited ‎11-11-2020 02:52 PM

Hi,

Provided your ASA outside interface IP address is 20.1.1.3 you can try to configure as per beneath:

 

object network HOST_1
host 10.0.0.10
nat (inside,outside) static interface service tcp 443 443
object network HOST_2
host 10.0.0.11
nat (inside,outside) static interface service tcp 443 444

 

access-list inbound permit tcp any object HOST_1 eq 443
access-list inbound permit tcp any object HOST_2 eq 443
access-group inbound in interface outside

 

Best regards,

Antonin

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card