Policy Based Destination NAT

jafarsadiq · ‎07-26-2010

Hi Cisco Experts,

Kindly need your advice on the below;

Setup : Cisco ASA 5520

Any Traffic from any source pointing to Destination IP (Ex: 192.168.10.10:53) to be NATed (Destination Translated) to 172.16.10.10:53. The ASA will have route to 172.16.10.0/24 pointing to the Router's Gateway and the traffic will go outside

It should go out with Same Source IP and Translated Destination IP (From:192.168.10.10:53 to 172.16.10.10:53).

This sounds like Policy Based Destination NATing.

Your Valuable Suggestions are Appreciated.

Thanks a lot,

Jafy

Nagaraja Thanthry · ‎07-26-2010

Hello,

You just need destination NAT.

Static(outside,inside) udp 192.168.10.10 53 172.16.10.10 53 netmask

255.255.255.255

This is assuming that your internal network is either 192.168.10.x or your

hosts are using the ASA as the gateway.

Hope this helps.

Regards,

NT

jafarsadiq · ‎07-27-2010

Hi Nagy,

Thanks for your response..

Let me be more specific..

My Host IP: 10.10.10.10 (Source)

My DNS IP: 192.168.10.10 (Destination)

IP to be Translated: 172.16.10.10 (Xlated Destination)

The actual IP address of the DNS is 172.16.10.10 and i dont my LAN users to see this IP. So, we use 192.168.10.10 for users and we translate that to 172.16.10.10, which will not be visible to users..

Hope you got it..

thanks

Jafy

This request from inside my LAN should be

Nagaraja Thanthry · ‎07-27-2010

Hello,

The configuration I posted earlier achieves the exact same purpose.

172.16.10.10 will be appearing as 192.168.10.10 for all the internal hosts.

Regards,

NT

jafarsadiq · ‎07-27-2010

Hi Nagy,

Thanks a lot..

I am surprised!! is that Simple??

I will check this after working hours on Thursday and update you..

Thanks

Jafy