Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

How to setup static NAT for an inside address behind a router?

Hi there,

I meet a problem now.  I need to setup static NAT for an inside address behind a router, the config on ASA seems correct, but the connection cannot be established.

Topology:   ASA -- 3825 -- 3750 -- server

Let's say the outside address of ASA is 178.10.10.10, the server address is 10.1.1.1, I configured below on ASA:

static ( inside, outside) tcp interface https 10.1.1.1 https netmask 255.255.255.255

Anything else needed? How do I trouble shooting on this case?

Thanks in advance.

Best regards,

Victor

Everyone's tags (3)
1 REPLY
New Member

Re: How to setup static NAT for an inside address behind a route

It is not clear whate version of software - for 8.43 see my opinion below.

Not sure what you mean by 3825 and 3750.  I will assume users attempting to access a server behind the ASA (coming in on port 3825, and you need port translated to 3750 for server ingress-use.).

1 ACL - optional

a. create object for server (if need an acl to limit users)

b. identify service objects (if need an acl to limit users)

c. create acl rules on outside interface (if neeed acls to limit external users access to server)

2. NAT

d. create nat for external users to access server via object rule.

nat (inside,outside) static interface service tcp 3750 3825
access-group outside_access_in in interface outside

478
Views
0
Helpful
1
Replies