?
Solved

NATting from outside to inside

Posted on 2008-06-20
1
Medium Priority
?
336 Views
Last Modified: 2008-09-25
Hi all,

A customer of ours is having the strangest setup. They have 2 firewalls connecting to the internet. We control only one of them. The other one is the main default gateway for their network.
A few servers use the firewall we control as default gateway (don't ask me why).
Now we need to publish  IP's from servers who's default gateway is pointing to the other firewall

This is what I had but it didn't work:

static (inside,outside) tcp CUSTOMERIP 3200 10.10.10.250 3200 netmask 255.255.255.255
static (inside,outside) tcp CUSTOMERIP 3201 10.10.10.253 3200 netmask 255.255.255.255

access-list outside permit tcp host OURIP host CUSTOMERIP eq 3200
access-list outside permit tcp host OURIP CUSTOMERIP eq 3201

access-list cust_nat permit tcp host OURIP host CUSTOMERIP eq 3200
access-list cust_nat permit tcp host OURIP CUSTOMERIP eq 3201

nat (outside) 2 access-list cust_nat
global (inside) 2 interface


What am I doing wrong?
0
Comment
Question by:o-tvw-ee
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 6

Accepted Solution

by:
clearacid earned 2000 total points
ID: 21831795
Try getting rid of the static NAT tcp translation.

static (inside,outside) CUSTOMERIP 10.10.10.250 3200 netmask 255.255.255.255
static (inside,outside) CUSTOMERIP 10.10.10.253 3200 netmask 255.255.255.255

That way - just the translation is being set in this one and you are controlling TCP access on  your access-lists.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question