Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
288
Views
0
Helpful
1
Replies

Translate Incoming Traffic

murphyw
Level 1
Level 1

‎11-01-2005 01:44 AM - edited ‎03-09-2019 12:53 PM

Hi there,

My question may seem a little strange but its only a temporary measure until we have moved our ISP Provision.

I am after NAT'ing incoming traffic (actually replacing the source address with the inside ip)

Here is an example;

Global (outside) 172.31.32.253

Nat (inside) 10.0.0.0 0.0.0.255 tcp 60000 1000

static (inside, outside) 172.31.32.10 10.10.10.10 netmask 255.255.255.255

The problem is that when traffic comes through 172.31.32.10 to the inside network, the source address is kept. This would normally work however we will need to run 2 ISP provision for a week while DNS is changed.

The default gateway on the servers are set to go down ISP A but while DNS starts to change over the Internet, some traffic could start to come over ISP B. The servers will send the request back down ISP A (which doesn't appear to be happy).

My thought was that if it could be NAT'd as the traffic came in, the return traffic would be sent to the Pix on ISP B and the flow would return correctly.

Can this be acheived ?

Hope it makes sense.

Wayne

Labels:
0 Helpful
1 Reply 1

ebreniz
Level 6
Level 6

‎11-07-2005 07:11 AM

Your question is not very clear to me. Are you trying to do 'outside' NAT, so that the source addresses from the Internet are translated to an address range that is inside?

I think this link will help you.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/config/bafwcfg.htm#wp1113552

0 Helpful
Customers Also Viewed These Support Documents