I have a strange question here please bare with me if it is funny but it is woking live with thirdparty firewall which is going to be replaced by the ASA.
Third party firewall is working with below policy and i want to do it in ASA 8.0:
i have a server in my internal network 192.168.1.1 which accepts only specific IP's as a source addresses (192.168.10.1 to 192.168.10.100) on a port 2445 . The connection is initiating from extranet with source ip address 172.16.10.0/24 to destination virtual IP 192.168.100.1 on a port 2445 which is then directing traffic to inside server 192.168.1.1 with a source ip address from the pool mentioned above.
This means the thirdy party firewall is doing the destination NAT and the source NAT which are both merged togther to one flow to achieve the customer requirement,
Can anybody write for me the configs pls.i hope it is a concept of twice nat but how to achieve this in 8.0
To my understanding that would mean that while connecting from interface USERS (172.16.10.0/24) to the MAPPED-DESTINATION host on interface SERVER (192.168.100.1) the ASA firewall would NAT your traffic from network 172.16.10.0/24 to network 192.168.10.0/24 while connecting to the actual REAL-DESTINATION address (192.168.1.1)
I'm not sure if theres any way to do it in older software.
Gotta get my morning coffee and think about it after that My head doesnt always work in the morning
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :