Example: Twice Nat With Destination Address Translation; Nat In Routed And Transparent Mode - Cisco ASA Series Configuration Manual
Firewall cli, asa services module, and the adaptive security virtual appliance
Hide thumbs
Also See for ASA Series:
- Cli configuration manual (2164 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Chapter 10
NAT Examples and Reference
Add a service object for HTTP:
Step 7
hostname(config)# object service HTTPObj
hostname(config-network-object)# service tcp destination eq http
Configure the second twice NAT rule:
Step 8
hostname(config)# nat (inside,outside) source dynamic myInsideNetwork PATaddress2
destination static TelnetWebServer TelnetWebServer service HTTPObj HTTPObj
Example: Twice NAT with Destination Address Translation
The following figure shows a remote host connecting to a mapped host. The mapped host has a twice
static NAT translation that translates the real address only for traffic to and from the 209.165.201.0/27
network. A translation does not exist for the 209.165.200.224/27 network, so the translated host cannot
connect to that network, nor can a host on that network connect to the translated host.
Figure 10-7
NAT in Routed and Transparent Mode
You can configure NAT in both routed and transparent firewall mode. This section describes typical
usage for each firewall mode.
•
•
Twice Static NAT with Destination Address Translation
209.165.201.11
209.165.201.0/27
Undo Translation
209.165.202.128
10.1.2.27
NAT in Routed Mode, page 10-10
NAT in Transparent Mode, page 10-10
209.165.200.225
209.165.200.224/27
DMZ
Inside
10.1.2.0/27
10.1.2.27
Cisco ASA Series Firewall CLI Configuration Guide
NAT in Routed and Transparent Mode
No Translation
10-9
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
