Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

One to Many NAT rules to the same DMZ IP

Hello Team,

Could you please let me know if it is possible to provision 3 different public IP addresses to the same DMZ IP (Web server) on an ASA running ver 8.2(4)? Unfortunately, the way the server was provisioned Static or Dynamic PAT will not work.  I have read that ver 8.3 and up supports natively one-to-many NAT translations, but at this point the client is not ready for an upgrade. Is there anything else I could do to overcome this challenge?

Outside --------> DMZ

200.1.1.1------> 10.1.1.1

200.1.1.2------> 10.1.1.1

200.1.1.3------> 10.1.1.1

Thank you,

Gerson

2 REPLIES
Super Bronze

One to Many NAT rules to the same DMZ IP

Hi,

I can think of a couple of ways to view the same local server with multiple IP addresses.

But to be honest I would need to know more about why you would want such a setup. Why would you need 3 different public IP addresses on a single local host?

Can you provide some information on the setup you are trying to achieve.

- Jouni

Cisco Employee

Re: One to Many NAT rules to the same DMZ IP

Hello gerson

U can try the following:

Access-list pnat permit ip host 1.1.1.1 any

Access-list pnat2 permit ip host 1.1.1.1any

Access-list pnat3 permit ip host 1.1.1.1 any

Static (dmz,out) access-list pnat

Static (dmz,out) access-list pnat2

Static (dmz,out) access-list pnat3

With this config it can receive conn from any to those ip addresses but when it initiates connections it will only use the first one on the list.

Hope it helps

Mike

Sent from Cisco Technical Support iPhone App

Mike
287
Views
0
Helpful
2
Replies