Policy Based Destination NAT

Unanswered Question
Jul 26th, 2010

Hi Cisco Experts,

Kindly need your advice on the below;

Setup : Cisco ASA 5520

Any Traffic from any source pointing to Destination IP (Ex: 192.168.10.10:53) to be NATed (Destination Translated) to 172.16.10.10:53. The ASA will have route to 172.16.10.0/24 pointing to the Router's Gateway and the traffic will go outside

It should go out with Same Source IP  and Translated Destination IP (From:192.168.10.10:53 to 172.16.10.10:53).

This sounds like Policy Based Destination NATing.

Your Valuable Suggestions are Appreciated.

Thanks a lot,

Jafy

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Nagaraja Thanthry Mon, 07/26/2010 - 07:00

Hello,

You just need destination NAT.

Static(outside,inside) udp 192.168.10.10 53 172.16.10.10 53 netmask

255.255.255.255

This is assuming that your internal network is either 192.168.10.x or your

hosts are using the ASA as the gateway.

Hope this helps.

Regards,

NT

jafarsadiq Tue, 07/27/2010 - 05:33

Hi Nagy,

Thanks for your response..

Let me be more specific..

My Host IP: 10.10.10.10 (Source)

My DNS IP: 192.168.10.10 (Destination)

IP to be Translated: 172.16.10.10 (Xlated Destination)

The actual IP address of the DNS is 172.16.10.10 and i dont my LAN users to see this IP. So, we use 192.168.10.10 for users and we translate that to 172.16.10.10, which will not be visible to users..

Hope you got it..

thanks

Jafy

This request from inside my LAN should be

Nagaraja Thanthry Tue, 07/27/2010 - 05:40

Hello,

The configuration I posted earlier achieves the exact same purpose.

172.16.10.10 will be appearing as 192.168.10.10 for all the internal hosts.

Regards,

NT

jafarsadiq Tue, 07/27/2010 - 05:46

Hi Nagy,

Thanks a lot..

I am surprised!! is that Simple??

I will check this after working hours on Thursday and update you..

Thanks

Jafy

Actions

This Discussion