Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
624
Views
5
Helpful
2
Replies

Multiple Static NATs with ASA 8.4.X Code

lovedam
Level 1
Level 1

‎03-13-2012 12:29 PM - edited ‎03-11-2019 03:41 PM

We have a need for an inside address to have more than one static NAT outside addresses.  I know this wasn't possible before 8.3.X code.  I still can't quite get it to work with 8.4.X code yet.

Here is what I had with 8.2 code.

static (inside,outside) 10.21.197.0 10.17.197.0 netmask 255.255.255.0

our inside network is 10.17.197.X/24.  the current NAT we have in place is 10.21.197.X/24. 

we need to add an additional NAT of 10.22.197.X/24 and I also have networks that will need to hit the address with no NAT. 

I do know the source networks where I need each of the three cases:

from 172.20.X.X I need to hit the inside of 10.17.197.X natively, no NAT.

from 192.168.X.X i need to hit the inside of 10.17.197.X with 10.21.197.X NAT

from 10.10.X.X I need to hit the inside of 10.17.197.X with 10.22.197.X NAT

How can I accomplish this?

Thanks,

Damon

Labels:
0 Helpful
2 Replies 2

dchamorro
Level 1
Level 1

‎03-13-2012 03:46 PM

Damon,

This site should help you:

http://www.thenetworker.co.uk/blog/?p=1

You'll need to create a NO NAT static rule and two TWICE NAT rules defining the 192.168.x.x and 10.10.x.x source nets with the different destination NAT's.

Derek

lovedam
Level 1
Level 1
In response to dchamorro

‎03-20-2012 10:27 AM

Derek,

thanks for the link.  I will give this a shot this week.

Thanks,

Damon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card