cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
451
Views
0
Helpful
4
Replies

8.3 "TwiceNat" possible in 8.0.4?

dmooreami
Level 3
Level 3

Is it possible to get the "twiceNat" feature out of 8.0.4?  Here is the link to 8.3's twice nat.

In short

Asa Inside 192.168.30.1/24

Outside-- 4.4.4.4 (filler IP)

DMZ network 192.168.20.1/24.


DMZ connects to a router that has a 10.10.10.10, 10.10.10.20, and a 172.16.30.1, 172.16.30.2  Servers.

I would like to do the following if possible

Use my Inside 192.168.30.0/24 as the primary inside nat.  This nat would map to and IP's in the DMZ that is mapped to 10.10.10.10, 10.10.10.20.

Trying to keep from having to introduce external subnets into my network. of 8 sites.

The perfect solution, would contact 192.168.30.10 that NATs to 192.168.20.10.  192.168.20.10 would be NAT to 10.10.10.10.

unit is a Asa 5505

4 Replies 4

Jennifer Halim
Cisco Employee
Cisco Employee

Not supported on any version of ASA to double NAT on the ASA.

Twice NAT on version 8.3 does not mean double NATing, it just means you can NAT both the source and destination at the same time with 1 NAT statement. It does not mean you can NAT the packet twice.

Hope that confirms your question.

Panos Kampanakis
Cisco Employee
Cisco Employee

Not sure if I misunderstood your question, but "192.168.30.10 NATed to 192.168.20.10 and  192.168.20.10 NATed to 10.10.10.10." can be done depending on how you want to set it up and between what interfaces.

PK

Yes, I understand.

What I wanted to do, was not have to add routes to those 10.10.x.x IP's. 

Just contact a 192.168.30.10 IP that will do a proxy to the 10.10.x.x IP.

NAT will do that.

For example if you have

static (inside,outside) 10.10.30.10 192.168.30.10

then the ASA will proxy on the outside for 10.10.30.10. And when it sees a packet destined to that ip it will forward it to 192.168.30.10 on the inside.

I hope it makes sense.

PK

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: