I know this is possible, but I just can't figure out what the config would look like. The goal is to be able have a server farm inside a firewall answer requests that are destined to 2 different IP blocks during a migration period.
The internal server farm would be statically configured with New-ISP-Net ip's, so the pix would just translate requests destined to these ip's directly to the servers (if traffic is allowed via an acl of course).
This can be done with either a NAT 0 or static (inside,outside) x.x.x.x x.x.x.x.
The part I am trying to figure out is that we want to also allow those same servers answer request that come in for OLD-ISP-Net ip's. What is the best way to have the pix handle this dual/policy NAT situation?
Re: How to NAT into 2 different public IP's on PIX?
As long as the communication is initiated from outside and is stateful (ie TCP), you can add another inside IP address to the NIC of the server, then you would have 2 NAT translations on the PIX to the different internal IP addresses:
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...