Static NAT from Public IP at ASA to remote site?

Unanswered Question
Jan 7th, 2009

Is it possible to statically NAT traffic arriving at an ASA out to a server or workstation at a remote site?

To be more specific, I have a data center with a fair sized block of public IP addresses and when travelling I would like to use one of those public addresses to connect to my workstation in a remote office that is connected to the data center via an L2L IPSec tunnel.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
sachinraja Wed, 01/07/2009 - 14:28


Are you saying that your PC will remain in your remote office, and you want to connect to that from the datacenter ? really could not interpret what you are trying to do ! BTW, NAT's can help you doing this, but I wanted to know specifically what do you want to do.. source, destination , ports, IP's to be specific ? and.. just to remind.. its good to have NAT's configured close to the source.. and if you have ur IPSEC tunnel between datacenter and remote office, isnt that enough to transport private IP traffic over internet ? sorry . didnt get your setup :(


b-chernish Wed, 01/07/2009 - 14:39

We use the existing block of Public IPs to RDP from the outside world into servers, workstations etc. that reside in the data center. My office is now on the other side of a 100MB link from the actual data center but I would like to continue to use the same Public IP to get access to my PC from the outside world.

Data Center Private IP space 10.1.XXX.XXX

ASA inside IP address /19

ASA has a Public IP address block on Int.0

My Office is now 10.0.XXX.XXX

My PC is and I would like to be able to RDP to it from a Hotel Room etc. by using the block of public IPs assigned to the ASA.


ullasupendran Thu, 01/08/2009 - 09:35

You can do that .Create a static nat for ur PC ip address in the ASA with one of the public ip you have.Also remember to create an access list at the out side interface to permit the required access(ports) to ur PC on the public ip .


This Discussion