?
Solved

Need to Nat a source IP on a Cisco ASA 5520

Posted on 2010-09-16
9
Medium Priority
?
629 Views
Last Modified: 2012-05-10
I need to be able to nat the source ip. The connection is originating on a lower sercurity level port...
(low to high)
0
Comment
Question by:axl13
9 Comments
 
LVL 16

Expert Comment

by:InteraX
ID: 33693695
Do you need to nat the entire IP or just a port?

nat (srcint,dstint) <dstip> <srcip> mask <snmask>
0
 

Author Comment

by:axl13
ID: 33693794
I just need the source IP address nated, not the destination...
0
 
LVL 5

Expert Comment

by:Markus Braun
ID: 33694744
You always have a destination - Network address translation, translation means 2
You need to be more specific
like if you could post the parts of the config where things need to be done e.g. interfaces, existing static and global / nat statements - just change the ip's for security reasons
0
How to change the world, one degree at a time.

By embracing technology, we can solve even the biggest problems—including the gender gap.  By earning a degree from WGU, you have an opportunity to gain the knowledge, credentials, and experience it takes to thrive in today’s high-growth IT industry.

 

Author Comment

by:axl13
ID: 33694829

Source ip 140.152.14.214 (security level 0)
desttination ip 192.168.179.66 (security level 18)

all ready in place:  static (high, low) 192.168.179.66  192.168.179.66  netmask 255.255.255.255

We need to do a NAT on the source ip from 140.152.14.214 to 192.168.01
0
 
LVL 17

Accepted Solution

by:
Jimmy Larsson, CISSP, CEH earned 2000 total points
ID: 33694917
static (outside,inside) 192.168.0.1 140.152.14.214

/Kvistofta
0
 

Author Comment

by:axl13
ID: 33701970
does not translate the source ip address.
0
 
LVL 17

Expert Comment

by:Jimmy Larsson, CISSP, CEH
ID: 33702019
Yes it does.

static (inside,outside) which is the most common usage translates the destination address for traffic coming from outside to inside. For traffic from inside to outside it translates the source address.

The opposite static (outside,inside) translates the source address for trffic coming from outside to inside. For traffic from inside to outside it translates the destination address.

/Kvistofta
0
 

Author Comment

by:axl13
ID: 33702069

static (low,high) xxx.xxx.14.214 xx.xx.0.1 netmask 255.255.255.255

from the logs:

Sep 17 10:41:58  %ASA-6-302014: Teardown TCP connection 399839793 for eport:xxx.xxx.14.214/48377 to oft-ei:xxx.xxx.179.66/8080 duration 0:00:30 bytes 0 SYN Timeout
Sep 17 10:42:05  %ASA-6-302014: Teardown TCP connection 399839936 for eport:xxx.xxx.14.214/48403 to oft-ei:xxx.xxx.179.66/8080 duration 0:00:30 bytes 0 SYN Timeout

0
 

Author Closing Comment

by:axl13
ID: 33755006
I just need to reverse the ip address and it worked... Thanks
0

Featured Post

Shaping tomorrow’s technology leaders, today

The leading technology companies all recognize the growing need for gender diversity. Through its Women in IT scholarship program, WGU is working to reverse this trend by empowering more women to earn IT degrees and become tomorrow’s tech-industry leaders.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (http://www.concertocloud.com/about/in-the-news/2017/02/0…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses
Course of the Month14 days, 23 hours left to enroll

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question