07-19-2008 12:00 PM - edited 03-11-2019 06:16 AM
I want to do policy NAT. See the attachment for the network diagram. Users from the 192.168.1.0 subnet want to access the application server on the 172.28.98.28 IP address, and users on the 172.28.92.0 subnet want to access this application server on 172.28.33.28, which is the original IP address.
The server is located on the inside interface and the user subnets are located on a lower security level.
Right now users are accessing it with the following configuration:
static (inside,edn) 172.28.98.28 172.28.35.28 netmask 255.255.255.255
07-19-2008 12:40 PM
access-list NET1 permit ip host 172.28.33.28 192.168.1.0 255.255.255.0
access-list NET2 permit ip host 172.28.33.28 172.28.92.0 255.255.255.0
static (inside,outside) 172.28.98.28 access-list NET1
static (inside,outside) 172.28.33.28 access-list NET2
07-19-2008 01:27 PM
I applied the following configuration.
access-list NET1 permit ip host 172.28.35.28 host 172.28.92.54
access-list NET2 permit ip host 172.28.35.28 host 172.28.92.72
static (inside,edn) 172.28.98.28 access-list NET1
static (inside,edn) 172.28.35.28 access-list NET2
But now both users, as mentioned in the below configuration, are able to access the same application with the 35 and 98 IP addresses. How can I restrict only one user to access this IP with only one IP address?
I don't want 92.54 users to access this application with both IP addresses.
07-19-2008 01:31 PM
Show the configuration.
07-19-2008 02:10 PM
Use an access-list on the edn interface.
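One way to apply the last suggestion, as an added example that is not part of any reply in this thread: an inbound ACL on edn that pairs each client with exactly one server address, followed by checks. The ACL name EDN_IN, the client-to-address pairing (taken from the NET1/NET2 lists in the 01:27 PM post) and TCP port 80 are assumptions; the syntax is for pre-8.3 PIX/ASA software, where an interface ACL matches the address as seen on that interface.

```cisco
! Constructed example, pre-8.3 PIX/ASA syntax (same generation as the
! static commands in the thread). EDN_IN is a hypothetical ACL name.
! Only one ACL can be bound per interface and direction: if edn already
! has an inbound ACL, add these entries to it above any broader permit
! instead of binding a new one.
!
! Configuration mode:
access-list EDN_IN remark 172.28.92.54 may use only the translated address
access-list EDN_IN extended permit ip host 172.28.92.54 host 172.28.98.28
access-list EDN_IN remark 172.28.92.72 may use only the original address
access-list EDN_IN extended permit ip host 172.28.92.72 host 172.28.35.28
access-list EDN_IN remark every other source is denied both server addresses
access-list EDN_IN extended deny ip any host 172.28.98.28
access-list EDN_IN extended deny ip any host 172.28.35.28
access-group EDN_IN in interface edn
!
! Privileged EXEC mode, one simulated flow per client/address pair.
! TCP port 80 is an assumed application port; 1025 is an arbitrary source port.
! Expected: allowed
packet-tracer input edn tcp 172.28.92.54 1025 172.28.98.28 80
! Expected: dropped by EDN_IN
packet-tracer input edn tcp 172.28.92.54 1025 172.28.35.28 80
! Expected: allowed
packet-tracer input edn tcp 172.28.92.72 1025 172.28.35.28 80
! Expected: dropped by EDN_IN
packet-tracer input edn tcp 172.28.92.72 1025 172.28.98.28 80
! Hit counters show which entries real traffic is matching
show access-list EDN_IN
```

The ACL ends with an implicit deny, so any other traffic that must enter through edn needs its own permit entries after the two deny lines.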