Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Searching for ideas on how to redirect traffic



Network: New York =

Network: Washington =

Network California =

Network: new Location =


New York facility (Users, packaging, warehousing, etc) will be systematically moving to a new Location. Current EDI host resides in New York Facility at IP A new EDI is setup and will be deployed to the new Location and configured with a new

A change to the DNS record will resolve 80% of connectivity issues from LAN devices to the new EDI host. However, there are rogue devices such as hand held scanners statically configured to connect to the Current EDI host IP address rather than FQDN.

I'm looking for some ideas how I can fool or NAT translate on the destination to the host, say when these packets come in from New York, Washington or California. I need these packets to be redirected to

Being that the New York network is a flat subnet, I don't know how I can utilize both the inside and outside interface to accomplish this goal!

Perhaps I would need to create a second routable VLAN (, place the inside interface into the subnet and the outside into the subnet, and static route back into the MPLS interface at IP, where will be found in the BGP routing table?

Thoughts anyone?

Please respond to



Cisco Employee

Re: Searching for ideas on how to redirect traffic

Destination nat config is below.

same-security-traffic permit intra-interface

static (inside,inside)

Assuming you are running pix/asa 7.x and above code.

The above static line will U-Turn all traffic destined to arriving on the inside interface out the same interface to

Community Member

Re: Searching for ideas on how to redirect traffic

Hi Kusankar,

I've tried this and it isn't working. The packet-tracer doesn't have any BLOCKs. I see the global land local address in the logs.

I have this setup in a lab. is my test PC. is my inside global IP mapped to the real address of a HP print server

I'll have to dig deeper, example check arp,

If you have any thoughts, please shoot them my way.



%PIX-6-302020: Built ICMP connection for faddr gaddr laddr

%PIX-6-302021: Teardown ICMP connection for faddr gaddr laddr

CreatePlease to create content