Solved: ASA policy based NAT for 8.4

Karam Hanna · ‎10-03-2014

Hi Everyone,

i need you help please with the following scenario

i have a /24 subnet (192.168.1.0/24) this subnet is source users subnet, i need to NAT any source IP coming from this subnet to a single source IP 10.1.1.1 when they try to hit specific destination 172.16.1.1

so it is like this: if source is any IP from 192.168.1.0/24 and the destination is 172.16.1.1 then NAT the source to 10.1.1.1

how can i accomplish this in the ASA version 8.4.7

Karsten Iwen · ‎10-03-2014

you can do it the following way:

object network HOST-172.16.1.1 host 172.16.1.1 object network NET-192.168.1.0 subnet 192.168.1.0 255.255.255.0 object network PAT-10.1.1.1 host 10.1.1.1

nat (inside,outside) source dynamic NET-192.168.1.0 PAT-10.1.1.1 destination HOST-172.16.1.1 HOST-172.16.1.1

View solution in original post

Karsten Iwen · ‎10-03-2014

you can do it the following way:

object network HOST-172.16.1.1 host 172.16.1.1 object network NET-192.168.1.0 subnet 192.168.1.0 255.255.255.0 object network PAT-10.1.1.1 host 10.1.1.1

nat (inside,outside) source dynamic NET-192.168.1.0 PAT-10.1.1.1 destination HOST-172.16.1.1 HOST-172.16.1.1

Karam Hanna · ‎10-06-2014

thanks a lot Karsten