Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
263
Views
0
Helpful
1
Replies

Natting issue with ASA5510

Lavanholy
Level 1
Level 1

‎02-01-2008 07:49 AM

Hi,

I have a router whose serial interface 0/0 is connected to ISP with a valid public IP address.(220.212.212.80)

Then the fastethernet interface 0/0 is connected (IP address 10.10.1.1/24)with the outside interface 0/0 of the ASA5510 whose IP address is 10.10.1.2/24

Now the inside interface 0/1 is connected to the swith,whose IP address is 172.16.1.1/24 which is the gateway for the PROXY server whose IP address 172.16.1.200/24,and there is a APP server whose IP address 172.16.1.201/24,and there is a WEBserver whose IP address is 172.16.1.202/24,the WEB server and APP server has to be NATTED with a public IP address for giving the outside access.

I have 16 valid public IP addresses.

Now I have done the NATTING of the APP and WEB server to 10.10.1.201 and 10.10.1.202 respectively in the firewall,the 10.10.1.201 and 10.10.1.202 is NATTED to 220.212.212.81 and 220.212.212.82 in the router,

Appropriate access lists is also configured to give access to APP and WEB servers from outside.

Will it work with teh above configuration?

Please help me.I have a small doubt whether the double NATTING will wor or not?

Please clarify.

Thanks and Regards,

S.Venkataraman.

Labels:
0 Helpful
1 Reply 1

bob.bartlett
Level 1
Level 1

‎02-02-2008 08:10 AM

Double NAT should be avoided if at all possible. My recommendation would be to perform the NAT on the Router and handle the access control with the ASA.

0 Helpful
Customers Also Viewed These Support Documents