I'm curious to see if anyone can help with my situation. I currently do not NAT on my inside interface:
NAT 0 0.0.0.0 0.0.0.0
I need to start doing policy NAT for some internal hosts going from inside private IPs to certain sites off of one of my DMZ interfaces. My problem is that this:
Global (DMZ4) 5 18.104.22.168
NAT (inside) 5 access-list DMZ-NAT
NAT (inside) 0 0.0.0.0 0.0.0.0
I need to only NAT inside traffic that matches the access list. If it doesn't match the access-list I don't want to NAT it all. When I try to test this out I see the inside traffic matching the inside access-list and being routed to the DMZ4 interface. However the traffic is never NAT'd. I never see the source IP getting translated to 22.214.171.124 Any suggestions???
My problem is I only need to NAT one IP on the inside interface when it goes to a specific server. I'll NAT it and dump it into my VPN tunnel. The problem is it's going to a Web server (port 80). The IP is the NAT address of my internal firewall. If the traffic doesn't match the ACL then it should go out to the Internet as is. How can I do policy NAT for nat 0 and tell it to NAT to one location, but don't NAT for the rest of the Internet???
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...