Searching for ideas on how to redirect traffic

Unanswered Question
Oct 27th, 2009



Network: New York =

Network: Washington =

Network California =

Network: new Location =


New York facility (Users, packaging, warehousing, etc) will be systematically moving to a new Location. Current EDI host resides in New York Facility at IP A new EDI is setup and will be deployed to the new Location and configured with a new

A change to the DNS record will resolve 80% of connectivity issues from LAN devices to the new EDI host. However, there are rogue devices such as hand held scanners statically configured to connect to the Current EDI host IP address rather than FQDN.

I'm looking for some ideas how I can fool or NAT translate on the destination to the host, say when these packets come in from New York, Washington or California. I need these packets to be redirected to

Being that the New York network is a flat subnet, I don't know how I can utilize both the inside and outside interface to accomplish this goal!

Perhaps I would need to create a second routable VLAN (, place the inside interface into the subnet and the outside into the subnet, and static route back into the MPLS interface at IP, where will be found in the BGP routing table?

Thoughts anyone?

Please respond to [email protected]



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Kureli Sankar Tue, 10/27/2009 - 20:50

Destination nat config is below.

same-security-traffic permit intra-interface

static (inside,inside)

Assuming you are running pix/asa 7.x and above code.

The above static line will U-Turn all traffic destined to arriving on the inside interface out the same interface to

jkrawczyk Thu, 10/29/2009 - 11:29

Hi Kusankar,

I've tried this and it isn't working. The packet-tracer doesn't have any BLOCKs. I see the global land local address in the logs.

I have this setup in a lab. is my test PC. is my inside global IP mapped to the real address of a HP print server

I'll have to dig deeper, example check arp,

If you have any thoughts, please shoot them my way.



%PIX-6-302020: Built ICMP connection for faddr gaddr laddr

%PIX-6-302021: Teardown ICMP connection for faddr gaddr laddr


This Discussion