is the following ok? I am unsure if I can nat my 47.15 address to 3.21 with the interface alreading having a NAT that appears to be for all traffic going over the interface. Any guidence on this would be great.
this also depends on what you're trying to accomplish. the way you have it, it's actually set up for PAT (aka NAT overloading) and not a true 1:1 static NAT. If you want inbound connections to be allowed to 192.168.47.15, you should use the static command.
depending on what ACL's datae and datap look like, the nat 3 statement may never take affect.
I am trying to make it so that only the data going from my internal 47.15 gets nat'd to 3.21 and info going to all other locations continues as was stated before. The firewall is currently working in the enviroment as:
global (outside_datae) 1 192.168.1.25
global (outside_datap) 2 192.168.3.25
nat (inside) 1 access-list datae
nat (inside) 2 access-list datap
access-group data_e in interface outside_datae
access-group data_p in interface outside_datap
I have added the enteries in my first post to get access to a different location on the outside, but have a specific translation on that address. The first post I made has the changes I added and I was just wondering the implications of my changes. Hopefully they don't break what was already there.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...