Cisco ASA 5506-X Configuration Manual page 104
Cli
Hide thumbs
Also See for ASA 5506-X:
- Installation manual (46 pages) ,
- Hardware installation manual (26 pages) ,
- Quick start manual (14 pages)
Advertisement
Examples for Twice NAT
hostname(config)# object network SMTP_SERVER
hostname(config-network-object)# host 10.1.2.29
hostname(config-network-object)# nat (inside,outside) static 209.165.201.3 service tcp
smtp smtp
Examples for Twice NAT
This section includes the following configuration examples:
•
•
•
Different Translation Depending on the Destination (Dynamic Twice PAT)
The following figure shows a host on the 10.1.2.0/24 network accessing two different servers. When the
host accesses the server at 209.165.201.11, the real address is translated to 209.165.202.129:port. When
the host accesses the server at 209.165.200.225, the real address is translated to 209.165.202.130:port.
Figure 5-5
10.1.2.27
Add a network object for the inside network:
Step 1
hostname(config)# object network myInsideNetwork
hostname(config-network-object)# subnet 10.1.2.0 255.255.255.0
Cisco ASA Series Firewall CLI Configuration Guide
5-6
Different Translation Depending on the Destination (Dynamic Twice PAT), page 5-6
Different Translation Depending on the Destination Address and Port (Dynamic PAT), page 5-7
Example: Twice NAT with Destination Address Translation, page 5-9
Twice NAT with Different Destination Addresses
Server 1
209.165.201.11
209.165.201.0/27
Translation
209.165.202.129
Packet
Dest. Address:
209.165.201.11
Server 2
209.165.200.225
209.165.200.224/27
DMZ
Translation
10.1.2.27
209.165.202.130
Inside
10.1.2.0/24
Packet
Dest. Address:
209.165.200.225
10.1.2.27
Chapter 5
NAT Examples and Reference
- Quick Links:
- Table of Contents
Hide quick links:
Advertisement
