Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Policy Based Destination NAT

Hi Cisco Experts,

Kindly need your advice on the below;

Setup : Cisco ASA 5520

Any Traffic from any source pointing to Destination IP (Ex: 192.168.10.10:53) to be NATed (Destination Translated) to 172.16.10.10:53. The ASA will have route to 172.16.10.0/24 pointing to the Router's Gateway and the traffic will go outside

It should go out with Same Source IP  and Translated Destination IP (From:192.168.10.10:53 to 172.16.10.10:53).

This sounds like Policy Based Destination NATing.

Your Valuable Suggestions are Appreciated.

Thanks a lot,

Jafy

Everyone's tags (4)
4 REPLIES
Cisco Employee

Re: Policy Based Destination NAT

Hello,

You just need destination NAT.

Static(outside,inside) udp 192.168.10.10 53 172.16.10.10 53 netmask

255.255.255.255

This is assuming that your internal network is either 192.168.10.x or your

hosts are using the ASA as the gateway.

Hope this helps.

Regards,

NT

New Member

Re: Policy Based Destination NAT

Hi Nagy,

Thanks for your response..

Let me be more specific..

My Host IP: 10.10.10.10 (Source)

My DNS IP: 192.168.10.10 (Destination)

IP to be Translated: 172.16.10.10 (Xlated Destination)

The actual IP address of the DNS is 172.16.10.10 and i dont my LAN users to see this IP. So, we use 192.168.10.10 for users and we translate that to 172.16.10.10, which will not be visible to users..

Hope you got it..

thanks

Jafy

This request from inside my LAN should be

Cisco Employee

Re: Policy Based Destination NAT

Hello,

The configuration I posted earlier achieves the exact same purpose.

172.16.10.10 will be appearing as 192.168.10.10 for all the internal hosts.

Regards,

NT

New Member

Re: Policy Based Destination NAT

Hi Nagy,

Thanks a lot..

I am surprised!! is that Simple??

I will check this after working hours on Thursday and update you..

Thanks

Jafy

2400
Views
0
Helpful
4
Replies
CreatePlease login to create content