Hi everyone. I have an ASA with three interfaces. I have a NAT and Global statement that translates all my traffic destined for a server on DMZ interface appear as if it is coming from 10.0.0.10. I have another group of users who need to go to the same server on DMZ, but their source address needs to be 10.0.0.11. I was trying not to modify my NAT global statement and use a static translation. Is there a way to do this. This is the ASA config:
global (dmz) 5 10.0.0.10
nat (inside) 5 0.0.0.0 0.0.0.0
if you know the IP addresses of the users you can use policy NAT eg. lets say the users are all on the 192.168.5.0 network
access-list natusers permit ip host 192.168.5.0 255.255.255.0 host "dmz host"
nat (inside) 6 access-list natusers
global (dmz) 10.0.0.11