Local addresses : 10.7.1.0/24 on FW1 and 192.168.67.0/24 on FW2
Behind the inside interface of FW2, there's is a remote site (network C).
PC's from network 10.7.1.0 are able to reach PC's on network 192.168.67.0 (no problem)
When a PC from network 10.7.1.0 wants to reach a PC on network C, i need that on the inside interface from FW2 the source address of 10.7.1.0 be translated to a local address of this network (let's say 192.168.67.241), because the network of 10.7.1.0 is not routable to the remote site C
First question : is it ever possible to do this ?
Second question: if possible, what do i need to configure ?
With those 3 commands, all the source addresses for frames from network 192.168.148.0/23 on inside of FW1 are translated to 192.168.67.241 when send out from inside of FW2 and this matches the local network 192.168.67.0/24.
Those frames can than reach the remote site C and the router overthere has a route back to 192.168.67.0.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...