Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Destination NAT'ing on ASA

Hi,

if I define a Static NAT'ing on my ASA, will it translate only source IpAddr or Destination IPAddr as well ? (saying I want to perform destination NAT'ing only).

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: Destination NAT'ing on ASA

All static statements are bi-directional so -

static (inside,outside) 175.10.10.1 192.168.5.10 netmask 255.255.255.255 means -

1) if the connection was initiated from inside the source IP of 192.168.5.10 would be translated to 175.10.10.1

2) if the connection was initiated from the outside to 175.10.10.1 the destination address would be translated to 192.168.5.10

Jon

3 REPLIES
Cisco Employee

Re: Destination NAT'ing on ASA

static (in,out) 1.1.1.1 10.10.10.10 net 255.255.255.255

in - 100 sec

out - 0 sec

Say 10.x host wants to go to google this is outbound and the source will be translated.

The same flow if google wants to reach 1.1.1.1 inbound (say this 10.x host is actually a webserver) then, the destination address that google will try will be translated to 10.10.10.10

-KS

New Member

Re: Destination NAT'ing on ASA

So the destination IP is translated because it is reply-traffic or would it translate it even though google was just initiating a session ?

In other words, does 'static' work for destination IPAddr on non-reply traffic ? Is the ASA smart enough to see there is a destination IPAddr it has a NAT entry for ?

Thanks

Hall of Fame Super Blue

Re: Destination NAT'ing on ASA

All static statements are bi-directional so -

static (inside,outside) 175.10.10.1 192.168.5.10 netmask 255.255.255.255 means -

1) if the connection was initiated from inside the source IP of 192.168.5.10 would be translated to 175.10.10.1

2) if the connection was initiated from the outside to 175.10.10.1 the destination address would be translated to 192.168.5.10

Jon

317
Views
0
Helpful
3
Replies
CreatePlease to create content