NAT/PAT for webservices

Unanswered Question
Feb 18th, 2009
User Badges:

Hi All,

Is there a way of achieving the following.


I have a site-to-site IPSEC VPN between two sites where the remote end accesses a URL connecting to a server at our end. This server is be re-allocated and we are wanting them to access a new one. Without changing the remote end config, is there a way of redirecting the traffic to the new server by way of nat or re-direction etc?


Traffic flow - remote host url resolves to local IP 10.10.10.10. I want to force this to look like 10.10.10.11 when it gets to our end.


Not sure if this is possible as the IP's are on the same local network.


Cheers


Andy

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Wantser1981_2 Wed, 02/18/2009 - 06:53
User Badges:

exactly what I have said to our customer. I dont think it can be achieved......

acomiskey Wed, 02/18/2009 - 07:13
User Badges:
  • Green, 3000 points or more

The first thing you have to do is remove the nat exemption for this connection as you now want to nat it.


access-list nat0 deny ip host 10.10.10.10 ...


then add your new static...


static (inside,outside) 10.10.10.10 10.10.10.11 netmask 255.255.255.255


Also make sure that 10.10.10.11 is part of your crypto acl's.

Actions

This Discussion