Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
651
Views
0
Helpful
1
Replies

How to setup static NAT for an inside address behind a router?

spidermanchar
Level 1
Level 1

‎03-19-2012 12:00 AM - edited ‎03-11-2019 03:43 PM

Hi there,

I meet a problem now.  I need to setup static NAT for an inside address behind a router, the config on ASA seems correct, but the connection cannot be established.

Topology:   ASA -- 3825 -- 3750 -- server

Let's say the outside address of ASA is 178.10.10.10, the server address is 10.1.1.1, I configured below on ASA:

static ( inside, outside) tcp interface https 10.1.1.1 https netmask 255.255.255.255

Anything else needed? How do I trouble shooting on this case?

Thanks in advance.

Best regards,

Victor

Labels:
0 Helpful
1 Reply 1

llamaw0rksE
Level 1
Level 1

‎03-23-2012 10:08 AM

It is not clear whate version of software - for 8.43 see my opinion below.

Not sure what you mean by 3825 and 3750.  I will assume users attempting to access a server behind the ASA (coming in on port 3825, and you need port translated to 3750 for server ingress-use.).

1 ACL - optional

a. create object for server (if need an acl to limit users)

b. identify service objects (if need an acl to limit users)

c. create acl rules on outside interface (if neeed acls to limit external users access to server)

2. NAT

d. create nat for external users to access server via object rule.

nat (inside,outside) static interface service tcp 3750 3825
access-group outside_access_in in interface outside

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card