ASA5505 NAT/Translation

Unanswered Question
Jan 14th, 2009
User Badges:

As a packet travels through the firewall (inside => outside) is it possible to NAT the source IP (with the outside interface of the FW) and translate the destination IP? Also, the destination IP (translated IP) would need a static route in the firewall to be reachable.


Thanks


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Wed, 01/14/2009 - 10:57
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Michael


Source 192.168.5.1

destination 212.17.12.1

you want to present the destination as 10.5.1.1 to your inside client of 192.168.5.1


nat (inside) 1 192.168.5.1 255.255.255.255

global (outside) 1 interface


the above NAT's your client


static (outside,inside) 10.5.1.1 212.17.12.1 netmask 255.255.255.255


No you don't need a route to the real destination but you would need to ensure any traffic destined for 10.5.1.1 from the inside ended up at inside interface of your firewall.


Jon

Actions

This Discussion