NAT/PAT for webservices

Unanswered Question
Feb 18th, 2009

Hi All,

Is there a way of achieving the following.

I have a site-to-site IPSEC VPN between two sites where the remote end accesses a URL connecting to a server at our end. This server is be re-allocated and we are wanting them to access a new one. Without changing the remote end config, is there a way of redirecting the traffic to the new server by way of nat or re-direction etc?

Traffic flow - remote host url resolves to local IP 10.10.10.10. I want to force this to look like 10.10.10.11 when it gets to our end.

Not sure if this is possible as the IP's are on the same local network.

Cheers

Andy

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Wantser1981_2 Wed, 02/18/2009 - 06:53

exactly what I have said to our customer. I dont think it can be achieved......

acomiskey Wed, 02/18/2009 - 07:13

The first thing you have to do is remove the nat exemption for this connection as you now want to nat it.

access-list nat0 deny ip host 10.10.10.10 ...

then add your new static...

static (inside,outside) 10.10.10.10 10.10.10.11 netmask 255.255.255.255

Also make sure that 10.10.10.11 is part of your crypto acl's.

Actions

This Discussion