10-09-2014 07:52 PM - edited 03-11-2019 09:54 PM
We currently have three batch servers that send batch files out to customers, we don't accept connections inbound (no connections initiated from the customer to us). Currently those batch servers pass through an old Cisco CSS (content services switch) and when it does it basically NATs those three source IPs into a single IP (172.31.2.4). On the ASA there's a static NAT that NATs that single IP to a public IP, no big deal so far and this all works for active and passive FTP connections.
Now we want to remove those old CSSs so the batch servers would pass through the network to the external firewalls without being NATTED (unlike what is happening today when they are NATTED to 172.31.2.4). I want to know if I create a dynamic (PAT) nat on the ASA to take those three batch server IP addresses and NAT them to a single IP, does anything see a problem with that? Will Active and Passive FTP continue to work? I assume it will. I believe a static NAT would not work in this scenario and that I would need to use dynamic (PAT). Thoughts?
10-09-2014 08:24 PM
Hi,
So , If i understand it correctly , this was the setup with CSS in place:-
Three IP >> CSS >> 1 IP >>>ASA >> Public IP
Now ,
Three IP >> ASA >> Public IP
Now , as the Server is behind the ASA device you would need a separate Static PAT/Static NAT for each IP for the servers to get it to work.
Please let me know if you have any queries.
Thanks and Regards,
Vibhor Amrodia
10-09-2014 10:12 PM
Does that mean I also need a separate public ip for each now also? Or simply just a separate static nat for each source IP to the same public IP?
Example:
Nat (inside,outside) 1 source static object-172.16.1.1 public-ip01
Nat (inside,outside) 2 source static object-172.16.1.2 public-ip01
Nat (inside,outside) 3 source static object-172.16.1.3 public-ip01
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide