Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT translation


I have the following scenario: Router ? ASA ? FTP Servers cluster.

The cluster has 2 servers ( & with a virtual IP of Communication can be initiated either from customer or from servers. When communications is initiated from customer, the customer will try to reach a fake ip that must be translated to the virtual ip of the cluster The reply traffic comes from the virtual ip So if I configure a static nat at the router (  incoming ftp connection works.

The problem is that when the ftp is initiated manually from the server then it uses the real ip as source (instead of the virtual) so the above static nat can not be used. Also I only have 1 fake ip ( for translation.

So my question: is it possible to translate 3 inside local IPs to 1 inside global so that traffic can be initiated from both inside and outside?

Any idea will be appreciated.




Re: NAT translation

Before you configure a NAT rate limit, you should first classify current NAT usage and determine the sources of requests for NAT translations. If a specific host, access control list, or VRF instance is generating an unexpectedly high number of NAT requests, it may be the source of a malicious virus or worm attack. Once you have identified the source of excess NAT requests, you can set a NAT rate limit that contains a specific host, access control list, or VRF instance, or you can set a general limit for the maximum number of NAT requests allowed regardless of their source