ASA5505 NAT/Translation

Unanswered Question
Jan 14th, 2009

As a packet travels through the firewall (inside => outside) is it possible to NAT the source IP (with the outside interface of the FW) and translate the destination IP? Also, the destination IP (translated IP) would need a static route in the firewall to be reachable.

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Wed, 01/14/2009 - 10:57

Michael

Source 192.168.5.1

destination 212.17.12.1

you want to present the destination as 10.5.1.1 to your inside client of 192.168.5.1

nat (inside) 1 192.168.5.1 255.255.255.255

global (outside) 1 interface

the above NAT's your client

static (outside,inside) 10.5.1.1 212.17.12.1 netmask 255.255.255.255

No you don't need a route to the real destination but you would need to ensure any traffic destined for 10.5.1.1 from the inside ended up at inside interface of your firewall.

Jon

Actions

This Discussion