Experts, see the attached file of my ASA config. It is a simple config.
I have an IPsec VPN tunnel established.
The tunnel works and my users are able to RDP to 10.75.100.240. They have a preconfigured RDP icon with this IP.
The problem is I need to set their RDP icon to point to IP 220.127.116.11 (there is a specific reason for this not mentioned) without touching the VPN tunnel.
I can accomplish this by adding:
static (outside,inside) 18.104.22.168 10.75.100.240 netmask 255.255.255.255
After adding the NAT, I can point their RDP icon to 22.214.171.124 and it works fine. However, when I try to RDP to the real IP 10.75.100.240, it doesn't work anymore.
A packet tracer: packet-tracer input inside tcp 192.168.3.24 10000 10.75.100.240 3389 detailed
When I remove the static NAT, I'm able to RDP to it using 10.75.100.240 again. I'm curious as to why I can't RDP to 10.75.100.240 when the static NAT is in place. I would like the users to have the ability to reach both IPs so that I can put in the static NAT and take my time to repoint the RDP icons one at a time.
Even with the NAT in place, when they go to 10.75.100.240, it should hit the ACL inside_nat0_outbound and go out fine, right?
Is traffic going out, but not able to come back?