Jeremy, I appreciate your reply, but I'm not sure I completely understand it. Is your "end result" a many to one or a one to one? My vendors need to know exactly what computer (based on IP) the information is going to at all times because they will come in and audit to make sure which computers can access their networks. For example: If my internal ip is 10.10.10.1, theres will be 184.108.40.206 If my internal ip is 10.10.10.2, theres will be 220.127.116.11 A 10.10.10.3 on my side can never be a 20.20.20.x, it must be a .3 always. I was a little confused by your subnet mask not being a 255.255.255.255. Does your solution provide a one to one like my example above? Thanks again for your reply.
... View more
This is what I need to do. Our internal network needs to connect to three other private networks over ptp t-1 lines. Each of those private networks require a one to one connection per ip for security purposes. Can I nat one private IP to three different private IPs and is it relatively painless? We just purchased redundant ASA5510s and I was told the best place to do this would be on the ASA vs our 3945. For the scenario below, can someone help me get started? Our inside private network is 10.10.10.x /24 (security levl 100) our vendor1 private network is 20.20.20.x /24 (sec lvl 25) our vendor2 private network is 30.30.30.x /24 (sec lvl 25) our vendor3 private network is 40.40.40.x /24 (sec lvl 25) Lets say our internal pc has a 10.10.10.1. would something like this work (barring syntax errors)? static (inside,vendor1) 10.10.10.1 18.104.22.168 netmask 255.255.255.255 static (inside,vendor2) 10.10.10.1 22.214.171.124 netmask 255.255.255.255 static (inside,vendor3) 10.10.10.1 126.96.36.199 netmask 255.255.255.255 Is this one way to do it? is there a better way realizing that I have about 70 computer which calculates to about 210 nat statements (ugh) Thanks
... View more